Hacker News new | past | comments | ask | show | jobs | submit login

It looks surprisingly reasonable.

"internet platforms that organise and promote large amounts of copyright-protected works uploaded by their users in order to make a profit"

That's actually a lot of limitation. From my understanding: "organise and promote" means it is not simple hosting, and "in order to make a profit" excludes organizations like Wikimedia Commons and "large amounts" most likely excludes smaller websites like fan sites, and "uploaded by their users" exclude search engines.

It is clearly meant to target a form of abuse that is much too common in the "internet as we know it". It is mostly apparent in sites like PornHub. They live by monetizing content they don't have the rights for, and they use their status as a platform as a way to stay legal. I think YouTube admitted that in the early days, they voluntarily turned a blind eye to copyright infringement as a way to grow ahead of their competition.

It is unfair to legitimate companies who do their best to make sure their content really is original or properly licensed.

And if it changes the internet as we know it today, is it that bad? It will push people to self publish instead of relying on "platforms", like the old internet.

As for the potential for abuse, remember that the article isn't finished, it has yet to be completed, ratified, and tried. Public debate is important and we shall not let everything pass, but IMHO, the spirit is good.

For your info: Hacker news is:

  - an Internet platform
  - that organizes and promotes large amounts of posts
  - which are copyright-protected works uploaded by their users 
  - in order to make a profit as it is an advertisement for y combinator.
So hacker news needs a filter lest you quote a sentence from some movie.

What is 'meant' is irrelevant. Important is the letter of the law. Besides, 'meant' is a very dangerous word when used by politicians as jaded as the EU folks. It is a way to whitewash unpopular laws, and make them look reasonable when they are in fact the complete opposite.

One way to "fix" this, unfortunately, is the same way some firms "fixed" their non-GDPR compliance. Block European users. More specifically, block users coming from IPs known to be located in Europe.

Fundamentally, laws have jurisdictions that they are valid in. Imposition of a law outside of a jurisdiction is problematic at best, as it enables some bad actor countries (pick and choose who you want to consider to be in this group) to export their internal battles globally.

A great example of this is the US's FATCA rules, which have resulted (at least initially) in many non-US banks denying banking options to US citizens. Due to the threat built into the law, of being unable to leverage US banking system, if they fail to comply.

As someone else commented, the road to hell is paved with "good intentions". Solutions will emerge to route around the liabilities and costs this creates, but probably not initially.

Yep, it is. The directive applies to Hacker News.

And it will certainly be in trouble people decided to use it to post an entire Harry Potter novel and it becomes the go-to place to read it.

But Hacker News has moderators, and in practice, these posts are aren't likely to stay long, therefore fulfilling Article 13 obligations.

I'm pretty sure that movie quotes are not copyright-protected. And the last point in the article seems to be there to protects such uses explicitly.

As for the potential for abuse, I don't know, I am not a lawyer. But as I said before, it is just a directive, not a law, and it is incomplete. The spirit is all we have now, there is still a lot of work to be done on the letter.

Why would movie quotes not be copyright-protected?

They are almost certainly copyright protected, with copyright law provisions granted for certain fair use purposes.

Keep in mind that "fair use" is an American doctrine, not built into international copyright treaties and often defined administratively (not legislatively) in other countries. And we are discussing copyright law in Europe. Europe uses several itemized exceptions to copyright; a movie quote could fall under 5.3i "incidental inclusion" or 5.3k "pastiche", or in some contexts 5.3d "criticism and review", but there's no overall doctrine that "reasonable uses" are allowed.

According to Wikipedia, fair use is mentioned in the Berne convention https://en.m.wikipedia.org/wiki/Berne_Convention

That outcome sounds a lot like the outcome of US system.

Except in the U.S. judges can organically evolve the system as new questions arise and better resolutions are found. The continental legal system is much more bureaucratic. This matters because it's easier to push boundaries when the rules aren't written in stone, permitting more rapid and responsive evolution of the law.

Interestingly, the U.S. is slowly moving toward a more continental-style legal system while the E.U. is actually moving toward a more judge-made law system. That's because fragmented jurisdictional power in the E.U. has forced European judges (at both the national and EU level) to embrace de facto law making powers, and increasingly embracing doctrines that look exactly like stare decisis. (French-style civil law is a relatively recent development, anyhow; Europe isn't adopting the English system so much as reaching back into their own legal traditions to find a similar model of jurisprudence.)

By contrast, the bitterly partisan, winner take all politics in the U.S. has seen both the Democrats and Republicans attempt to centralize more power, both at the state and federal level. And judges, especially at the Federal level, increasingly eschew their law making role (albeit inconsistently). This is, arguably, why many common law copyright doctrines long relied upon by the open source community have begun falling to the wayside; judges increasingly prefer sticking to the strict letter of the statutes, effectively discarding the old doctrines that channeled and constrained their application.

Judges at the federal level do not have a law making role. Their job is to interpret the Constitution.

This isn't true, even from a textualist or originalist point of view.

"Judicial Conservatives" in the US disagree with "Judicial Activists" on whether (or to what extent) it is OK to creatively interpret laws (including the Constitution) to get preferred outcomes.

But all common law systems take for granted that judges fill in the inevitable gaps in the law by setting precedents. They can't just interpret it ab initio each time (which in principle is what they are supposed to do on the Continent, though I don't know about practice).

So for example, suppose a city bans anti-abortion pamphleteers from operating on the street outside an abortion clinic. Does that violate the 1st Amendment? Does it matter whether the pamphleteers are quiet or noisy? Does it matter if the exclusion zone is 10 feet vs. 1000 feet?

The text of the constitution is too compressed to answer those edge questions directly. Instead judges have come up with finer-grained rules to satisfy the general requirement of the text, and try (or claim to try) to apply them consistently. Developing these rules is lawmaking.

Thank you very much. Great points. I concede.

The law has an exception for quotations.

How can you prove that it came from a movie? You can not copyright words else no one would be able to say anything. That's what trademarks are for.

easy from the perspective of this law: build a db of every line spoken in every movie. Then block all posts containing a line from this db. If this blocks too much, dang provides human appeal.

UPDATE: To be clear, I am very much against this law. The collateral damage will be immense. But the politicians who want this law, they simply dont care.

...Which is a shockingly bad idea. Europe is crushing itself under it's own administratove state.

Is HN a EU entity? Sure they could decide to abide, but legally, the EU has no jursdiction over other countries. It's going to (continue to) break up anyway so this is all rather moot.

Most film quotes on HN would be covered by "fair use"[0]. If someone pasted an entire script in a comment that would be something different entirely, and likely to be picked up by the existing flagging or moderation system. Also, I'm not entirely sure how HN itself can be said to be profit-making, e.g. there are no subscription fees to use it and it doesn't appear to have any advertisements from any advertising platforms.

[0] e.g. https://www.bl.uk/business-and-ip-centre/articles/fair-use-c... for UK and https://www.copyright.gov/fair-use/more-info.html for US

Fair Use is cold comfort, if we’ve learned anything from the abuse of DMCA.

Fair use is annoying vaguely defined in the law. This means media companies will tell you that's it is so limited as to be almost useless, while the EFF and the courts may disagree. You may hear stuff about "10 second clips are the max allowed by law", but the law doesn't draw any clear likes like that and in fact is usually much more generous. Typically quotes like that come from a single precedent where someone was acting outrageously in many other ways and not relevant precedent for what you're doing.

That's true in the US. EU law actually knows no such thing as vague, court-interpreted fair use. The EU instead has a list of very specific exceptions and limitations to copyright – which member states don't even have to implement, so what you can do varies widely.

I highly doubt they would be flagged and instead upvoted. I have seen multiple instances here where a US website has blocked the EU due to GDPR and some user posts the entire content of the article as a comment.

It would be both - having a copy of an entire article is both desirable for the readers and dangerous to the service.

Companies pay to get their job listings in front of the HN eyeballs. This is advertising.

I feel like we had this exact same argument over GDPR, but no horror stories have descended about Mom and Pop operations run out of business but the evil Brusselcrats.

> we had this exact same argument over GDPR, but no horror stories have descended

Romania has already deployed GDPR as a weapon against its press [1]. I also have a short list of anecdotes of economic activity (start-ups and other new market entrants) that would have happened in the EU but, in large part due to compliance costs–including GDPR–wound up happening outside the EU.

[1] https://euobserver.com/justice/143356

And the EU is trying to prevent Romania from doing it. I don't see your point. Romania could just have used another law or just made a new one to harass the press.

> the EU is trying to prevent Romania from doing it

Giving people in power broad discretion with the law and then counting on them being nice is a delicate strategy. It counts on every administration being benevolent.

> Romania could just have used another law or just made a new one to harass the press

There is a big difference between using the authority of the EU, through an EU regulation, and passing a domestic law to go after people you don't like.

More broadly, this argument can be made against any over-reaching law. Just because some hypothetical law could be bad doesn't make an ambiguous law granting widespread power to select bureaucrats okay.

This is not related to business but there's a horror story with Romania (it's in the EU) asking a news organization to provide informants information related to some corruption leaks.

The information is requested by the national GDPR enforcer so it bypasses the prevention written in the GDPR about news leaks.

Now there's a trial going around with this which blocked any further spread of that information until it's solved. It can be easily seen how the GDPR can be weaponized.

Isn't that just straight abuse of the law? AFAIK GDPR only protects your personal information, it can't be used to request someone else's personal information (if anything, you could argue that GDPR prevents you from giving out another person's info).

This isn't the police or the parliament asking for the information. It's the regulatory body that does inspections to companies to see if they respect GDPR.

So the pretext they're using is that they want to see the information to make sure that the news organisation is not selling it or mishandling it to other third parties. In the process, they'll be able to get the information and maybe it will go to the people involved in the corruption charges (which is the head of one part of the Parliament).

wouldn't any other regulatory body be able to ask that data to check, for example, if they are doing _anything illegal_ with that data?

For example, can't you check for all data to verify that the business is not doing anything with forbidden individuals or countries? (think OFAC)

I don't think GDPR allows anything more than any other law.

Potentual for abuse of laws is one of the concerns people have about laws.

They aren't actually following the letter of the law, so to me it's unclear how much they actually abuse the law rather than simply pasting the GDPR logo in one corner in a sort of legal phishing attempt.

It's a concern people have about governments.

The subjects of the injunction can likely refuse and appeal to the European Court of Justice, which exists precisely to sort out these situations.

GDPR has had a very detrimental effect on user experience, with never ending popups and warnings about crap nobody understands. And being in the EU there's several US publications we can no longer access.

I can buy arguments that extra compliance efforts make some businesses not cost-effective in Europe, but this particular argument is nonsense.

It's like a factory that dumped toxic waste into a river complaining that, because of a ban on dumping toxic waste into rivers, they now "have to" dump them to nearby meadows instead, and that makes local customers unhappy.

"Detrimental effect on user experience" is an intended effect that clearly signals the company doesn't want to stop abusing its users.

It's not just the costs, it's attaching a 20M EUR risk to activity that may not even be worth 20M of revenue.

No, the risk is created by abusing customer data. If the cost was less than revenue then it’d be a toothless law.

GDPR is the size of a novel and attorneys can't even agree yet on what counts as PII. It's nowhere near a crisp law that only prohibits bad things you'd know not to do.

Yes, that's right, it's messy when you are tackling legislation to play catch up with technology. We've seen how wrong it can go with stuff like the last generation of cookie laws that were too tightly coupled to implementation details. GDPR is actually a nice step forward into resolving these huge gray areas that the web and smart phones have enabled as they become mainstream.

The status quo where corporations make vast profits peddling ever finer-grained user data unbeknownst to the consumer with no oversight is not good. A cultural shift is necessary. I'm glad to see the EU has the stones to tackle the issue because there is zero political will stateside for any political action other than driving corporate profits masked by populist appeals to xenophobia and whatever other irrelevant distractions they can cook up.

No, it's more like prop 47: "Hey, you have to warn people if there are carcinogens inside. No penalty for false warnings."

Every business: "Stuff in here causes cancer."

Every customer: "Okay."


Every business: "Hey, we use cookies to provide a better experience. That okay?"

Every customer: "OK."

> Every business: "Hey, we use cookies to provide a better experience. That okay?"

They're not required to unless they're using cookies for something other than providing better experience. Also, that's cookie laws, not GDPR.

It's more like:

GDPR: "We see you doing X, Y and Z which are pretty abusive. We want you to not do X, Y and Z, but if you absolutely must, you can only do that to volunteers and you can't deny service to people who do not volunteer. Oh, and it really must be opt-in."

Every business: "Hey, we do X, Y and Z. That okay? [x] no >>> [ ] <<< !! YES PRETTY PLEASE".

Seeing HackerNews complain about GDPR is a strange experience. Every day I utilize GDPR to ensure that I am not tracked by the websites that I visit. The expectations of GDPR are lower for smaller companies.

GDPR is a massive win for the individual.

> Hey, we use cookies to provide a better experience.

Cookies are a separate law and entirely unrelated to GDPR.

Also the annoying "this is what we are doing, you have to agree to this to proceed" is explicitly forbidden for the GDPR. So your criticism does not apply.

You can thank large media conglomerates for the latter, all it takes is one executive decision for dozens of networks and websites to start geo-blocking Euorpe.

GDPR is still fairly new, and it usually takes a while for the full consequences of complex new legislation to be felt.

As an American who spends a lot of time in Europe, what I have noticed is that a majority of local news sites in the US block me from accessing them using IP geolocation.

An old client of mine, an actual mom and pop operation in Germany was harassed and was almost ran out of business by a law-firm who went around, the moment GDPR dropped, trying to find targets to sue.

Do you have any details? What did the mom and pop operation sell? How did they go afoul the GDPR with this?

AFAIK, no independent lawyer can sue you for violating the GDPR. Only the German regulatory body could sue them.

They received a letter threatening a lawsuit due to the fact that they had a newsletter sign up form without double opt-in feature on their site and some explicit legal documentation missing. Other than that it was a really simple presentational site made in Wordpress. Our business relationship ended years ago but I received a mail from them years ago asking for help in putting those things in because they were afraid of having to deal with legal stuff over such small bs. I obviously did.

Now I don't know German law, as I'm not German, but it felt like they were really afraid that it could happen.

These are enforced on a national level though aren't they, in the UK ICO doesn't have the resources to hunt people down and are probably only going to enforce action against major players in the market as they are under the most scrutiny.

The problem comes when a nation decides to use those rules in a way that is detrimental to the populace or a service they see as troublesome.

> no horror stories

law need to be tested trough time, because it will be used by the next party in power for hundreds years, whether you like the party in power or not.

the only reasonable way to reason about law is full on pessimism.

it's like we already forgot the tyranny that was going on less than a century ago and was acquired through escalating legal abuse.

Does the EU parliament even have parties?

no they forbid dual mandate, they have now groups but those are super nationals. but the country receiving the regulations do, so there's that.

GDPR has a very worthy purpose though: companies were taking far too many liberties with people's personal data. I don't see analogous problems with copyrighted material (there is some infringement, but it doesn't really seem problematic to society).

That's not what it's for. The GDPR legslates what events one can remember (using incrementalisim). It's ultimately an attack on general purpose computing.

> It's ultimately an attack on general purpose computing.

I don't get it. How is GDPR an attack on general purpose computing?

Does your GPC comply with the GPDR?

But people can store data on themselves on their own PC of course. I don't see how GPDR affects that. I don't want a GPC that sends personal data back to the mothership anyway.

It's incremental. The companies covered by the EU's GDPR are untimately comprised of people too. It's easiest to start with a subset, and the GDPR is no exception to that rule.

Ya lost me on the reporting to the mothership thing, that is definately what many power centers would like, for example, non-DRM 3D printers that can cheaply print metal objects will be reserved for criminals in countries controlled by repressive regimes because they can make effective life saving tools.

It's not clear what's going on with GDPR, good test cases are only now starting to be tested. But the fact that many American newspapers, for example, are blocked in Europe is certainly something to worry about.

> But the fact that many American newspapers, for example, are blocked in Europe is certainly something to worry about.

They are not blocked. They have chosen to take their services offline because they don’t think changing their business model such that it no longer depends on aggressively tracking their users is worthwhile or cost-effective. Which is fine by me imho.

You must understand the economics. Newspapers have zero cash on hand these days, so their choice was to fire staff to allocate money for GDPR or not. Seeing how staff is at a minimum, that was the practical option. Result is equivalent to censorship. I'm surprised you don't find this a terrible outcome.

> Result is equivalent to censorship.

I don't agree that if a business chooses not to operate in a country, because it's unwilling to spend the money required to comply with the country's laws, that that is equivalent to censorship.

Another person's personal information is not protected speech.

I always viewed it as a transaction--go to the news site and read the news, in exchange they will sell data on what articles you're reading, etc.

I was fine with that transaction. In fact, I would rather have them sell my data instead of charging money.

Consumers have a choice on whether or not they want to go to these sites, it's not like they are forced to give away their personal information to news sites.

I would say the GDPR blocking news sites is a net negative because it denies consumers the choice to read news stories.

> I always viewed it as a transaction--go to the news site and read the news, in exchange they will sell data on what articles you're reading, etc.

And I always thought (back in my more naïve days) that I read the site in exchange for being advertised to. Point being, the exact details of the transaction were never shown to the visitors. GDPR fixes that by forcing companies to state the terms of this transaction explicitly, and actually ask the visitors if they're willing to participate in it.

GDPR isn't blocking any sites, it's only disallowing a very particular way of getting users to give up their data and then monetizing that data. Nobody is entitled to their business model working forever, and some companies prefer to shut off a large segment of their market instead of updating their business model. It's their choice.

Agree. There are ways to protect your data if that’s important to you. If I walk out in the middle of a freeway I should expect that I might be hit by a car rather — the EU instead says, “let’s ban freeways”.

No, EU says "let's put signs that point to where there are (previously invisible) freeways".* GDPR does not ban any practices, it just says that certain practices need to be communicated to and approved by the people affected by them.

*metaphors can get quite silly

I personally don't think that it is any government's business to regulate a company that is not inside its jurisdiction, I also don't think think it should be their prerogative to stop me from engaging and communicating with one just because they rightfully say that it's not their job to bend the knee to them. As an adult the EU is neither my parent nor my guardian.

>They are not blocked.

Self blocking in response to a law to avoid the penalties under the law is being blocked by the law.

Self-blocking instead of making one's business model compliant with the law is a choice. An alternative would be to update the business model.

That's all there is to it. GDPR isn't banning news sites, or other companies; it's banning a very particular set of antisocial business practices.

You’re muddying the waters. Just because someone doesn’t want to take on the compliance burden does not mean they have an antisocial business practice. What you’re saying does not logically follow.

It does, you just made an illogical connection. I didn't say that companies who self-block must necessarily have antisocial business practices. I only said that GDPR is banning those practices. I also said that companies have a choice between removing themselves from European market or adjusting their business model to be compliant.

> companies have a choice between removing themselves from European market or adjusting their business model to be compliant

The problem isn't only adjusting business models. It's proving you've adjusted your business model to twenty-eight EU regulators. If one of them misbehaves, you now have to wage a legal fight in a foreign jurisdiction. Against those costs and risks is a minimum required revenue. If that revenue doesn't exist, it doesn't make sense to serve that market. Regardless of your business model.

So if a law gives you a choice in how you choose to censor a work of literature, would it be the artist's self censoring and not an act of government censorship? Assuming we applied the same logic.

> But the fact that many American newspapers, for example, are blocked in Europe is certainly something to worry about.

There's just one large company that decided to block EU visitors: Tribune Publishing[0]. Yes, them blocking Europe is bad. Them owning so many local newspapers that this decision even makes an impact is a bigger problem.

I'm not saying that they're the only ones blocking Europe, but I am saying that we wouldn't think of it to be as wide spread if it weren't for Chicago Tribune, Baltimore Sun, and LA Times (among others).

[0] https://en.wikipedia.org/wiki/Tribune_Publishing

LA Times was blocked before but now loads fine in EU. The other two are still blocked.

tronc [vt] To make content unavailable in certain jurisdictions due to unwillingness to comply with their laws.


* Tribune have troncked Europe because their data control is jazzy.

* Google should really tronc China - fight the Firewall!

The GDPR is very similar to the old Data Protection Directive, which came into force in 1995. Many member states had done a piss-poor job of implementing and enforcing the DPD, which was largely the motivation for passing the GDPR. Directives have to be transposed into national law by individual member states, while regulations are immediately applicable across the entire Union.


I'm not saying there won't be an effect, but having an effect it's why you pass a law. But 8 months in, and the landscape doesn't seem radically altered.

If anything, major players deciding not to compete in a market is good to my mind, as a means of increasing a diversity of business styles. Laws like this make businesses pay for the actual cost of thier hidden externalities.

[humor] Given the "quality" of reporting in most of the publications here, we should be thanked for that outcome [/humor]

More seriously, GDPR should not extend beyond its jurisdiction. It does though, and there are consequences. Blocking european IPs cost (loss of revenue) must be balanced against compliance costs.

Claims that "they've had N years to prepare" are specicious, if for no other reason than they aren't bound by the specific law. Meanwhile the law introduces a new, potentially large, liability. Which results in companies self censoring by geolocation.

This is what you call an unintended consequence. Remote access to quite a few resources outside of Europe is likely to be restricted should this pass into EU law. As we like to say here, elections have consequences.

FWIW, I support the aims of GDPR, and wish we would get a sane law on this here in the US as well. But I don't want our law extending to others. That would be unfair to them.

Have you ever heard about the financial law Fatca? Please read up. What about sanctions of Iran that the US forces the rest of the world to go along with?

The US is probably the biggest "exporter" of laws that are forced down the throaths of all other countries.

American newspapers don't need to care about GDPR. Most websites don't need to care about GDPR. Europe does not get to dictate how non European based websites operate. The GDPR can be outright ignored for a significant part of the internet. I have no idea why an American newspaper would give a shit about GDPR. They could literally put a huge banner up saying "fuck GDPR" and face zero legal consequences.

I’m not sure how accurate that is. It’s obvious to me that American companies larger than mine have cared enough to take action. If they really had no obligation I’m sure they would have simply done nothing.

Do they also follow Saudi Arabian law?

>"internet platforms that organise and promote large amounts of copyright-protected works uploaded by their users in order to make a profit"

HN does not organize large amounts of copyright-protected works, nor are the links to articles an 'upload'. If HN organized PDFs of the linked articles so you could just skip heading to a third party site then we'd be talking.

'meant' is not a dangerous word. All laws require interpretation, which is why most countries have specific interpretation guidelines for legislation and even then sometimes it takes a few cracks at the can to get it right.

That's not something 'dangerous', although it can and does go wrong from time to time. But it's a standard risk of rulemaking as it's the standard process for courts interfacing with legislation or other rule-making texts.

Many of the comments on HN are substantive enough to be covered by copyright, and modern copyright law protects everything protectable whether there’s a copyright notice or not.

...So what?

Comment content is governable in the site ToS, where copyright assignment or other methods of defining the respective user/site rights can be dealt with.

Even if it wasn't, your performance in posting implies consent to provide at the very least a limited license to publish content you posted.

So where's the beef here?

> Comment content is governable in the site ToS,

Which is probably non-binding or invalid in most non-US jurisdictions and does not address the problem.

> Even if it wasn't, your performance in posting implies consent to provide at the very least a limited license to publish content you posted.

That is like claiming a random user uploading Star Wars movies on youtube is no problem because that user gave them a limited license. That "license" is obviously invalid and Disney can claim copyright infringement. The proposed law now discusses whether "random user" or youtube or both are liable for this.

Only that, the comments section alone on HN is pretty straightforwardly “organis(ing) and promot(ing) [...] copyright-protected works uploaded by (its) users”, and so whether or not it falls under the scope of this section(1) hinges only on the regulators’ and courts’ opinions of what a “large amount” is.

(1) In a hypothetical world where this law has unbounded jurisdiction

Even if we take this doomsday hypo at face value (HN promotes comments? Really?), so what?

What's the scary remedy for a copyright holder if they already provided a license to publish the published content?

User posts don't make every forum into pornhub. Calm down.

> What's the scary remedy for a copyright holder if they already provided a license to publish the published content?

The core problem this law is trying to address is that website users are, en masse, contributing content to websites when they don’t have a license to do so. This behavior is against pretty much all websites’ terms of service.

As there are many users with no money all putting illegitimate content onto a few websites with a lot of money, this law seeks to shift the burden of liability onto the websites. As a policy, it’s not completely unreasonable, but makes the mass content-farm websites like YouTube unfeasable.

The lawmakers fear for their jobs if YouTube shuts down because of their new law, so they carve out a bunch of exceptions to let key sectors of the internet continue operating (with some work to comply).

The broadest of these, implementing automated content filters, is expensive and unreliable. Operators of smaller websites, such as a typical Internet forum, have their own exception. The problem is that the boundaries here are vague and (potentially) poorly drawn, leaving sites like HN (if it were in EU jurisdiction) with a bad set of options:

  * Hope nobody notices
  * Accept the liability and vigorously police the site manually, probably buying insurance against a judgment 
  * Rely on judges allowing them the small-volume or non-profit-seeking exemptions
  * Implement content filters that are expensive and a terrible user experience

"As a policy, it’s not completely unreasonable, but makes the mass content-farm websites like YouTube unfeasable."

...? Where are you getting this?

Have you read the current copy of the draft proposal? I did.

None of the restrictions are going to kill sites like Youtube (let alone HN). The proportionality element alone makes the 'we need to invest 200% of our revenue into content blocking' myth absurd.

Will some margin need to be shunted into mitigating unauthorized distribution of works that profit the platform? Yes. But that's already the law. It's literally unjust enrichment 101.

> Where are you getting this?

My imagination, mostly. Note the policy being referred to in that sentence is meant to be a hypothetical one that was never actually proposed, which shifts liability without any of the safeguards. The second clause is the justification for the various limitations and exemptions bolted onto the basic concept.

> Have you read the current copy?

Not the current copy, no. Last time this came up I tried, but I had a hard time slogging through the European legalese to get to the meat, which I’m not used to reading. That’s why I’ve tried to keep my analysis here in the small, only considering the particular clause that started this discussion thread.

Given how hard it is to read, and the general unhelpfulness of the community (1), it’s probably a good assumption that effectively no one has read the actual text, and instead is relying on the reporting, which feels extremely biased to me on this one.

> The proportionality element alone makes the 'we need to invest 200% of our revenue into content blocking' myth absurd.

You should consider making this the lede instead of burying it three replies deep. This shows that the entire discussion about the other clause is moot, as there won’t be a problem in our scenario regardless of the result of that analysis.

(1) When I did ask for some help getting through the citations last time, the only substantive advice was “just skip that stuff, it doesn’t matter.” If I have learned anything, it’s that everything written into legislation matters.

> doomsday hyp(e), ... Calm down.

As an aside, my original reply to you was simply trying to correct your statement “HN does not organize large amounts of copyright-protected works” by means of a counter-example. I think you may be reading things between my lines that aren’t there.

I am, and always have been, calm on this matter. I don’t find the situation scary in any way. I simply enjoy exploring the logical consequences of various lines of thought through the medium of writing, even to the point of playing the devil’s advocate for the purpose of a more thorough exploration of the various issues.

I’m really not sure where my opinions lie on this one, so I’ve been free-wheeling a bit more than usual. I’d like to apologize if my mental wandering caused you any distress. It was not intended.

I'm not upset. Sorry if I'm coming off that way.

It's just that there's a big disconnect between what people have read out of the article regarding it's applicability and what remedies actually flow out of it.

Hence the ...so what?

Large sites will have a tool like photoDNA or ContentID to be able to flag works so you can't do something like repeatedly upload something like Aquaman an hour after release. That's reasonable. With respect to a site like HN, it's highly probable the entire article literally has zero impact, unless people take to posting book chapters in comments constantly (and if that happened, you'd expect they should take action in some way).

The proportionality requirement alone alleviates almost EVERY concern people are bringing up. I don't think the legislation is perfect, but it's pretty good, fairly clear, and very easily suited to judicial interpretation to create fair results in unanticipated situations.

Comments are copyrighted works uploaded by the users of HN. HN organizes and promotes comments. There are certainly a large amount of these comments. Profit motive of HN is uncertain, but it may receive payment for jobs ads? And it certainly operates as part of a for-profit organization.

In the US the letter of the law matters because of how jurisprudence evolved there.

EU has a different jurisprudence system based on guidelines and interpretation.

There is a wide range of options philosophically. Confucian courts are even farther from what you might recognize.

I have a pretty limited understanding, but at first, I would think you would have this the other way around? The US uses a case law system where precedential judicial proceedings modify how the law works in practice relative to how they got written. Besides the UK, most of the EU has a statutory law system, where the law gets applied as written with less regard for previous judicial decisions.

So, the short version of the question, in regard to your original comment, how so..?

I get the larger point you’re making, but I’d guess that copyright-protected works make up less than 0.05% of all content posted to this site and that includes repo links. /new is mostly just TechCrunch articles and things like that. I’m aware that bad faith interpretation of imprecise wording can be used to weaponize laws, and that laws are sometimes passed for this very reason, but it would be an incredible stretch (both legally and colloquially) to claim that phrasing applies here.

Every comment and article written in the last century is copywrited.

>/new is mostly just TechCrunch articles and things like that

Those are all copyright-protected works. Literally everything of any substance is automatically copyrighted.

Those articles also aren't uploaded but merely linked, so the rule doesn't apply.

Another article of the same law (Article 11) would apply copyright also to shortest excerpts of news articles, anything longer than "individual words". (Colloquially known as the "link tax" provision.)

So even reproducing the full title of a news article would likely be an infringement, and then that becomes another thing platforms take liability for/need to filter under Article 13. Whether there's a link or not would be irrelevant.

(It's meant to allow EU news publishers to bill Google and the social networks for distributing snippets/link previews of their content.)

> It's meant to allow EU news publishers to bill Google and the social networks for distributing snippets/link previews of their content.

I see this as an unreasonable reduction of previously established fair use. The fact that most of the companies linking to news articles using snippets are American, like Google and Facebook, while many news publishers involved are EU-based hints at a geopolitical motivation rather than any fundamental change to the fairness of this sort of use.

You are absolutely right: The mere fact that these publishers don't block Google using robots.txt and that they in fact spend a lot of effort optimizing their metadata so that link previews show up just the way they want them to proves that it's at least mutually beneficial, and not an abuse of their intellectual property.

Because google owns the index, if they don’t allow google to index they get no traffic. Google is a monopoly, there is no choice here, no market driving competition.

The sources I could find with a quick Google (yes, possibly ironic) search suggest news sites get most of their traffic from direct visits, but Google contributes a substantial amount[0]. It seems to me that the news sites want Google to provide them traffic and simultaneously pay for the privilege of doing so.

The behavior of publishers in countries where they won this battle is telling: a when laws were passed in Belgium and Spain requiring aggregators to license even small excerpts, Google stopped, and the publishers didn't take very long to offer free licenses.

[0] Here's one slightly dated example: https://www.sistrix.com/blog/new-data-is-google-or-facebook-...

They don’t want google or any other monopoly that is in competition with them to ‘give’ them traffic. They do want their services available and indexed on the internet. If the internet search market was evenly distributed among 5 search engines the I suspect this conversation wouldn’t exist.

Sort of, there is a big push in that direction mostly from the EU.


> So hacker news needs a filter lest you quote a sentence from some movie.

"Yipee-yi-yea...mother-fucker." ! -- Die Hard

Done :-)

>What is 'meant' is irrelevant. Important is the letter of the law.

Hold on, that's not true.

The intent of law matters and is codified in various ways, including stating the intent of the law directly in its text. This in turn informs judges (including appellate judges!) of how to evaluate a specific case. In jurisprudential systems, this in turn becomes case-law which further cements the intent of the law as a binding legal construct.

I agree the letter of the law is more strongly binding, but to dismiss intent as irrelevant suggests you don't understand the difference between law and computer code.

Or they are exceedingly cynical about the arbiters and paranoid about abuses - not a bad tradition when defending rights.

Intents may be pretenses which are cheap and mean nothing. The USSR was "for the people" and killed record ammounts of them. Even if ungrounded in displayed maliciousness a "how will this be abused" mindset is its own tradition and I argue a good thing when considering and writing laws.

Since writing a law meant to allow self defense that has text which allows shooting jaywalkers from your backyard is a bad law "to stop offenses in progress" is a bad law. Even if "reasonableness" is applied that leads to more judiciary work, uncertainty and the possibility of injust absurdities holding. Like bashing the head man who is stabbing you right now into the tile wasn't self defense because wood could have stopped him with less force. Explicit text definitions could have stopped the absurdity with say "threat of lethal force by an invading interloper may be met with lethal force" or "proportionate force" even.

I recognize EU law holds different principles but it isn't treating law as computer code. The opposite in my opinion - you are clinically paranoid if you think your compiler will try to twist your code in its favor. You are accurate when describing people and the law.

>you are clinically paranoid if you think your compiler will try to twist your code in its favor

C compilers have been known to "optimize" code with undefined behavior in such a way as to introduce a security vulnerability that would not exist in the most direct translation of the C code to machine code.

Yeah it is incompetence not malice. Although it probably feels malicious to anybody working with it.

There's very good reason for that : this law is yet another example of the EU's new favorite tactic: laws without the justice system.

The ONLY person that can use this law is the EU executive (commission). They get to sue, essentially any site they want on the internet. You, EU citizen or not, do not get to sue anyone else, no matter how much copyright infringement, how much damage. You can politely ask the (no doubt up to 10 person) EU agency that the commission puts in charge of this law, but that's it.

The EU commission is not just the only party that can use the law, they are also arbiter of this law. They never have to build a case before court, and of course in practice this means you're declared guilty and punished before your first chance to see a court.

In other words: they can prevent any site they like from getting sued at all and they can sue any site and convict. Then you can fight that decision in court (after, of course, penalties are extracted). In court, you start from an extremely disadvantaged position: you have been tried and found guilty. Effectively, in court you only get an appeal option.

I mean I know the EU is a dictatorship (because the both the positive and negative legislative power is in exclusive hands of the executive alone, the EU commission and council: they can enact any law they like with or without parliament approval and they can prevent any law from becoming law, no matter how much parliament wants it. Or they can change it at will, or ...

But this is even worse than that. This law does not just give them dictatorial power, but essentially makes them an international public prosecutor for internet sites, who does NOT report to any elected government (only reports to the commission which is not elected).

>Or they are exceedingly cynical about the arbiters and paranoid about abuses - not a bad tradition when defending rights.

I agree, but that's a matter of opinion. What's factual is that the parent post builds an argument on a false premise.

If you have to reference the intent for every trivial case like HN, the letter of the law is worthless.

For your info: Hacker News being responsible for the data its users provide is not a problem for the users, it is a problem for Hacker News and similar platforms who leech off content from the general public for their own profit.

Further for your info: Hacker News does not "need a filter lest you quote a sentence from some movie", it only needs to take responsibility of you commit copyright infringement by doing so.

I’d happily let Hacker News go if it means other such platforms go with it.

> I’d happily let Hacker News go if it means other such platforms go with it.


I'll take as a given that many platforms are profiting from copyrighted content uploaded by users, but I very much doubt that the copyright owners would secure any of those profits for themselves if the platforms in question were driven out of existence.

Do you believe otherwise? If so, why?

PILATE: Hoo hoo hoo ho. The little wascal has spiwit.

CENTURION: Has what, sir?

PILATE: Spiwit.

CENTURION: Yes. He did, sir.

PILATE: No, no. Spiwit, siw. Um, bwavado. A touch of dewwing-do.

CENTURION: Oh. Ahh, about eleven, sir.

PILATE: So, you dare to waid us.

BRIAN: To what, sir?

PILATE: Stwike him, Centuwion, vewy woughly!


This would indeed seem to be a copyright infringement in many EU member states. For example, in Germany it wouldn't fall under the quotation exception (no such thing as vague "fair use" here), since you aren't critically engaging with or commenting on the quote, which would be allowed – you just reproduced it.

The movie studio could now hold HN liable.

Well, except that HN is not under EU jurisdiction, so it could probably choose to ignore EU court decisions against it. Bigger platforms of course won't have that luxury, so they'd need to come up with some way of limiting or avoiding that liability... or maybe just blocking EU users.

> you aren't critically engaging with or commenting on the quote

He's using the quote to make an unrelated point. This wouldn't be considered copyright infringement anywhere you have an impartial judiciary.

Your post, right here, discussing quote, makes this fair use.

True, I guess you could see "the comment thread" as the larger (collaborative) intellectual work within which the movie was quoted for illustrative purposes.

This is a very poor argument even under basic scrutiny.

Are you sarcastic? It's often difficult to differentiate a Nazi from a nanny.

Please don't break the site guidelines regardless of how wrong another comment might be.


"internet platforms", "organize", "promote", "large amounts", "uploaded by their users", "in order to make a profit".

These phrases by themselves are open to interpretation in various ways. In particular, what I find dangerous is that these appear to be specific enough to convince people to believe there will be little to no room for abuse, and yet are vague enough to allow a motivated political actor to target someone if they really decided to.

Indeterminate legal concepts are very common, I don't know why this is always brought up as soon as it's "about the internet".

Programmers like to plan for every possible state and define things in the most technical, specific way possible.

Legislation is written contrariwise, which can seem baffling to programmers unfamiliar with the system.

Are you talking about directives in the E.U.? Or the law of a specific E.U. country?

It doesn't seem to be like this in the US. If you look at laws in the US, they try to define every word and every situation with a lot of cases. Vagueness seems to be avoided, and I'd say it actually doesn't seem too unfamiliar to programmers if used to the jargon

My response was in reaction to the parent comment brushing aside the level of ambiguity in the statement, and labelling it as "surprisingly reasonable" based on just another subjective interpretation of it.

As for vagueness, the issue has more to do with the scope. To me, as a citizen, the expanse of a given law is over the union of every possible interpretation of it that can be made by a reasonable person.

The more vague the language in a given law, the larger the scope for interpretation; the more specific and descriptive the language, the more restricted the scope.

It seems like an abdication of responsibility by duly elected legislators to leave the interpretation of the bounds of a vague law onto a far-removed, indirectly-elected judiciary, rather than passing specific laws defining those bounds more carefully from the get go. Why not just create a single law "Enforce good. Punish evil.", and leave it to the courts to implement?

As for why this uproar happens specifically on topics regarding the internet, the audience here on HN has a larger interest in everything to do with it compared to other issues. I do think that the same level of caution should be applied w.r.t. any and all vague laws, regardless of the topic.

Because it's often applied across borders, and in cases of late, potentially by independent bodies of different countries. IME, it's often brought up on any large set of laws, especially those governing freedom of information, and why most people discourage large encompassing new laws over meager ones or none at all.

The real question is why people take the it's-very-common approach to belittle people's concerns.

Being open just means that the judiciary has the room to make it work as cases emerge. Suggesting that this stuff would be politicised - what, the ECJ? - seems unlikely, although I'd be open to hearing of examples of blatant political interference in the EU-wide judicial process.

Is this a joke? Judicial activism by the ECJ even has its own wiki: https://en.wikipedia.org/wiki/Judicial_activism_in_the_Europ...

A political court is essential to the european project. Absolutely essential.

> DMCA: there will be no abuse


> GDPR: there will be no abuse


> Art. 13; there will be no abuse

yeah, let's be optimistic!

[paraphrase] You keep using that phrase "no abuse". I do not think it means what you think it means ... [/paraphrase]

Single paraphrased/modified quote from a movie, meant to mock the abuse that has, and surely will, happen, under the existing, and new regimes. Fair use, and parody all wrapped up in one sentence.

> and "in order to make a profit" excludes organizations like Wikimedia Commons[...]

But what about fandom sites like Wikia? There's mass copyright infringement going on quite openly there, but it's survived under the understanding that e.g. Memory Alpha discussing various topics from Star Trek wasn't causing Paramount any financial harm.

But if the hosters of fan wikis like that will need to become paranoid about that liability they might not host them at all.

Hopefully that would mean fans will host the wikis themselves, rather than the advert/tracking nightmare of fandom

A lot of them just won't exist then. Many of those communities aren't organized enough to self-host, and if you can't run ads whoever's hosting it on their personal server is going to eat the cost of hosting it, and getting to the point of running it as a foundation like Wikimedia is going to be hard.

But maybe there'll be some meta-foundation like a fanbase version of Wikimedia that'll bring these all under their umbrella, or more likely sites like Wikia will just be hosted commercially by fans in the US blocking EU IPs and fans will need to use proxies or VPNs to browse them.

Yeah, the "in order to make a profit" part caught my eyes, too, and I immediately thought of Wikipedia.

If this law somehow ends up hurting multinational commercial platforms and opening up a larger space for personal blogs, hobby sites, and nonprofits, I might even consider it a good law on consequentialist grounds. I don't even care about the impact on startups if all they're trying to do is to become the next YouTube.

In reality, though, this is probably just wishful thinking. We have no idea how "organize", "promote", and "large amounts" will be interpreted; Google and Facebook will find a way to comply at least with the letter of the law; and the heyday of personal websites and ramdom phpBB forums are already well behind us :(

Are you suggesting there are no more forums online not run bi the big 5? I have not searched for 'powered by phpbb' in some time, but certainly there are many forums / phpfox / buddypress / similar sites out there that are not big companies funded like reddit.

Anything with song lyrics or a giphy post would be in danger of additional censorship with this no?

Any kind of web site that allowed user sign ups would be in danger with this pretty much(?)

The road to hell is paved with good intentions.

I can see most of the obvious impetus for this, but don't feel it's going to work out very well at all.

I'm not sure what a smarter version of the legislation would look like.

Maybe it works out, but there is some downside risk here which involves a brand new 'lawyer economy'.

> I can see most of the obvious impetus for this, but don't feel it's going to work out very well at all.

You can see this reaction to the GDPR where the discussion of benefits are hypothetical. Most of these pieces of legislation have predecessors that we can look to for real, practical results. And that practical result is that the governments have mandates to govern the internet in a large, globally-affecting, information/data-suppressing way.

> I'm not sure what a smarter version of the legislation would look like.

It would not exist. Different measures (education, funding, public services, public awareness, existing statute enforcement, accepting the costs of open information, etc) would be taken.

I think that GDPR will in many ways be meaningless, but I don't have a problem with it because it seems 'fair' and 'implementable' at any scale.

This legislations looks like a train wreck out of nowhere, for no real, pragmatic reason.

Of the 100 or so top issues facing Europe today, is this among them? Really?

Maybe the EU Executive should be elected, like in every other democracy.

Do you even know what you are saying?

All this will mean is that the big tech, Googles and Facebooks of the world, will solidify their position for years/decades to come since only they will have the money/resources to take care of this expensive regulation. New startups on the other hand will stand little chance in this new world.

All these regulations look good on paper. But when you understand their medium-long term ramifications is when you realize how unfairly the deck is stacked now.

> It is unfair to legitimate companies who do their best to make sure their content really is original or properly licensed.

On the other hand, it could be said that it is unfair to new companies and rewards those who _already_ broke the rules. They already broke the rules, so it would be unfair to stop them from continuing to be broken is a bad argument, but it has to be a consideration when entrenching existing companies (as they can absorb the compliance costs).

I'm not really sure what the correct answer is, as allowing an ongoing harm to continue is clearly untenable[1], but you have to ask if this is really accomplishing the ends we want to achieve, and is it the right way to do it.

[1] assuming no large-scale copyright reform, but that doesn't appear to be on the cards

>From my understanding: "organise and promote" means it is not simple hosting, and "in order to make a profit" excludes organizations like Wikimedia Commons and "large amounts" most likely excludes smaller websites like fan sites, and "uploaded by their users" exclude search engines.

All these things are very interpretable and can be the root to abuse and mistakes.

I'm sorry, but you reading the text of Article 13 far more narrow than it actually is:

"internet platforms that organise and promote large amounts of copyright-protected works uploaded by their users in order to make a profit" Would include https://news.ycombinator.com as well. It does organize and promote user comments, quotes, references which are of course copyright-protected works as anything created in the EU member states is, including user comments. Now "Hacker News" does not make a direct profit of the content. It is a side-line to a profitable business. It is however trivial to argue that the fact it is a side-line by a for-profit company it must in some way contribute to that. This has been done before. The term upload does not exclude anything, because there is no legal or technical distinguishable difference between upload and post. The law could have read 'provided by their users' and the legal implications would be the same. All sites that are for profit and allow anything from their users are affected by this. This would also include online games that allow users to chat.

I don't agree that its intentions are that clear. Nobody likes a leech, but that does not mean that we should kill all animals to prevent leeches.

"And if it changes the internet as we know it today, is it that bad? It will push people to self publish instead of relying on "platforms", like the old internet."

This seems to be a call to the internet being just for the technologically savvy. No great number of people are going to self host and any form of support for people self-hosting from a for profit company will run into article 13. Moreover what I remember from the old internet is not self publishing, but the social gathering on IRC, newsgroups, etc. Something that will be impossible to do at our current scale without for profit companies or government backed services. The first will run into article 13, the second one is a non-starter.

If it's defined as loosely as you state, it will benefit big players:

- Small organizations can't support repeatedly going to court argue that they are not "organizing" nor "promoting" content in "large" amounts.

- Small organizations can't take the path to being large that youtube or pornhub did. These now host mostly licensed content, because content producers were forced to go along. They can no longer be forced, and a barrier to entry has been thus erected.

THis law has no real function and was brought forward by publishers that want to cash in Google-Money. To hell with it.

I thought most clips on Pornhub were uploaded by the content owners, basically as advertisement for their sites. They are not full length clips usually, or am I way off?

A few.. I'd say percentage are this way (and more today than there were some years ago as Phub climbed to fame).

Certainly the popularity of the site is due to the large amount of full scenes that have been available. Debates about who has been uploading the full scenes have been raging for years.

The debate about who is profiting from it and who has lost sales I think is pretty easy to figure out.

Must be great to feel that optimistic about the law. Your interpretation is unfortunately just one way to look at it, why would you give the law the benefit of the doubt?

That's not how you should write laws.

I have no doubt the 'for profit' part will be taken out sooner than later. Never rely upon a law where it's seemingly justified by a few extra rules.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact