* publish an exact copy of the offending content on a web site and include something that looks like a datetime which is earlier than the publication date of the offending content
* tell the web site's ISP and other service providers that they're violating copyright, pointing to your fake content and using the providers' copyright-violation processes, which you know all about because your reputation firm does this stuff all the time
This also works for search engine deindexing, right?
It's just remarkable to me that (a) we all know this works super well and (b) it keeps working even though everyone knows about it.
I think this is a PR opportunity for some “freedom loving ISP” that has a large global footprint and would benefit. In the US the ISPs are media companies do not so close.
Maybe we’ll see Google or Microsoft try but they too have too many media ties to try to upset dmca.
The most likely fix, I think, is for large enough orgs like the Guardian to sue Linode and the takedown issuer for fraud. That will cost a lot, but they may be interested.
If ISPs have a large risk of damages then they will be more careful. Currently it seems like a bot or intern issues these things and does not really care about anything but avoiding DMCA risk.
E.g., someone creates a puny single-person LLC, and files DMCA notices against New York Times, Amazon blog posts, Apple press releases, et cetera. According to claims I see here, the content will have to be down for 10-14 days regardless of how quickly the counter-claim succeeds, which if used at the right moment could cause significant damage to the target/substantial profit to the attacker.
If this was happening, I’m sure the regulation would be fixed promptly with powerful lobbying from the aforementioned big players—perhaps by imposing a fee for issuing DMCA takedowns, increasing legal cost of a successful counter-claim, etc.
Such cases would’ve definitely be noticeable to the public, so I can only assume that they don’t happen because either (A) no one have thought of it yet, or (B) there’s some non-obvious cost to DMCA takedowns or successful counter-claims.
EDIT: Removed shady source for DMCA counter-claim info.
smaller players are subject to dealing with DMCA claims by proxy via their hosting providers. also, it would be easy for Amazon to prove bad faith by having many examples from a single claimant. smaller companies may only have to deal with a few claims per year from different claimants (still incredibly disruptive) and not have strong enough evidence to demonstrate bad faith.
You don't "violate the DMCA takedown law" by failing to take down content. You simply lose protections offered by it.
The federal law in question that might be violated would be exclusive rights under copyright, 17 USC 106
For these there are both civil and (in certain cases) criminal remedies possible.
I'm unclear what the difference is between how Wikimedia is set up and the situation with the Guardian and Mail.
That link above doesn't seem to contain everything that Wikimedia receives on its various sites, e.g., there's also https://commons.wikimedia.org/wiki/Commons:Office_actions/DM...
They simply lose the safe harbor protection. So if they are sure it’s a false claim they can just ignore it.
Because medium sized companies know not to mess with large companies but don't care about small companies?
Then a bunch of people can recover their losses.
> shall be liable for any damages, including costs and attorneys’ fees, incurred by the alleged infringer, by any copyright owner or copyright owner’s authorized licensee, or by a service provider, who is injured by such misrepresentation, as the result of the service provider relying upon such misrepresentation in removing or disabling access to the material or activity claimed to be infringing, or in replacing the removed material or ceasing to disable access to it.
If the content is a third party's, BigCo's option is to simply refuse the takedown, in which case the safe-harbour provisions (as you've been told repeatedly in this thread) don't exist.
Your understanding of the DMCA generally as expressed here is poor. You'd do well to read the law or a good explanation of it.
Copyright law is online at the Cornell University Law Server:
Subject matter, generally (see especially 106 & 106A):
Infringement and remedies, including DMCA safe-harbour provisions (section 512):
EFF have a basic explanation: https://www.eff.org/issues/dmca
Lumen (previously the Chilling Effects Clearinghouse), has a longer explainer on DMCA Safe Harbour provisions:
Playing devil’s advocate here, and may obviously be missing some points of the regulation.
I guess, to sum up, the current system enables smaller players (commenters, vloggers, site authors) to publish on the Web through intermediaries of all kinds (like Linode or YouTube). Those intermediaries want to make sure they don’t get sued for the content they host, so they use safe harbor and observe DMCA.
Those enjoying more direct access to the backbone (metaphorically and possibly literally speaking) of the Internet trust their legal teams and don’t need safe harbor protections.
Thus if you are lucky enough to not need the safe harbor protections, you have the ability to bully smaller fish by issuing takedowns left and right.
What the DMCA safe harbor provisions both try and succeed to do is remove those intermediaries from potential copyright proceedings. This allows them to flourish but also disincentivizes them from providing legal assistance to their customers— the ultimate lawsuit will be not be Giant Media Conglomerate vs Comcast ISP, it will be Giant Media Conglomerate vs John Doe.
So the fundamental problem here doesn’t really have anything to do with copyright, but rather the reality that fighting a lawsuit can ruin you even if you’re in the right.
NYT, Amazon, Apple, etc aren't going to fuck about with that. They'd push for prosecution of people making false DMCA claims, and they'd sue for their losses.
Unfortunately DMCA perjury cases aren’t prosecuted.
This hypothetical troll wouldn't have that deniability. It would be very clear that they are knowingly making false complaints.
There’s enough deniability for prosecutors to not care, but there’s also enough evidence that prosecutors could politely inform them that there is a pattern of misconduct.
The specific mechanism of the DMCA is that:
1. It is a protection afforded online service providers, specifically, against infringement liability. (17 USC 512(c))
2. Against copyright infringement (17 USC 512(c)(1)).
3. For third-party content (17 USC 512(c)(1)).
4. Of which the provider does not have specific knowledge that the content is infringing (17 USC 512(c)(1)(A)(i)). (More on this below.) And does not directly benefit monetarily (17 USC 512(c)(2), and acts to disable access expediciously (17 USC 512(c)(3)).
5. Where the provider has a designated agent. (17 USC 512(c)(2)
6. A valid notification request is received, (17 USC 512(c)(3)
A consequence of all of this is that a self-serving online service provider does does not qualify for the relief as the content is not third-party. By designating itself as the Designated Party, it can choose to receive DMCA requests directly, and assume the risks of infringment claims itself.
There is nothing in the DMCA that says a service provider must act on a claim. Only that the liability protections offered apply only if it does. Linode, here, absolutely could have taken the principled stance that the content was not infringing, and refused to act on the notice it had received. Yes, this would incur a liability, but the overall legal risks of a patently false and malicious claim would be slight. I believe there are cases of this occurring.
NB: A longstanding criticism of the DMCA 512 provisions was that there was no liability for misrepresentations. That's now addressed in 17 USC 512(f), though I don't recall when this was added:
Misrepresentations.—Any person who knowingly materially misrepresents under this section— (1)that material or activity is infringing, or (2)that material or activity was removed or disabled by mistake or misidentification,
shall be liable for any damages, including costs and attorneys’ fees, incurred by the alleged infringer, by any copyright owner or copyright owner’s authorized licensee, or by a service provider, who is injured by such misrepresentation, as the result of the service provider relying upon such misrepresentation in removing or disabling access to the material or activity claimed to be infringing, or in replacing the removed material or ceasing to disable access to it.
Mail & Guardian would seem to have some remedy here, if they can successfully bring suit and collect judgement.
It's also possible that M&G could bring suit against Linode under 17 USC 512(g)(1) ("good faith" actions), though that's weakened by subsequent paragraphs. Informed legal opinion would be helpful here.
Note: I am a space alien cat, not a lawyer.
If a counterclaim is filed, that period can extend to no more than 14 days....
Unless notice is received of a court action to restrain further publication.
17 USC 512(g)
When someone files a DMCA claim, if you want to keep the content up you need your lawyer to file a counterclaim. Hosting providers are then allowed to leave it up, and you can fight about it in court.
It sounds from this article like the newspaper didn’t have a lawyer, or at least not a lawyer familiar with American law. That sucks but all you can really do about it is to get a lawyer, or use a non-US hosting solution.
we had used some images from an mfg's pdf installation manual on a page that was reselling that mfg's own products which we were buying from their offical distributor - the only way to get the product. talk about absurd.
some of the media that they claimed was theirs was in fact our own original graphics/images. it didn't matter, we had to remove everything that was in their overly broad claim.
the DMCA is no joke, but is also a big fucking joke. it's trivial to completely destroy someone's business by simply making fraudulent claims (it's guilty until proven innocent). and it's almost impossible to prove that the claim was made in bad faith rather than simply in error. these claims are usually made by some contracted third party that flags everything that smells off. it's the new patent trolling.
It is very much a joke, and not a joke.
in addition, how do you show a potential buyer installation diagrams of a technical product without risking your own version being wrong (and not UL-compliant) vs the one in the approved manual?
Linode has non-US data centres (eg Singapore). If the node hosting the content was just outside the US, would they need to do a take down? Or is the fact that Linode is a US-based company make this not matter.
Usually, we simply took the content down when it was obvious copyright infringement (Windows ISO images and so on -- yes, people still put stuff like that on their web sites), as that is a TOS violation, and TOS violations is something a host can handle regardless if the legal status of the content. If the customer claimed they owned the copyright on some original content we simply told the people complaining to go through the local courts instead of invoking foreign laws.
Obviously, we have complied in a few cases where one of the new guys handled complaints about businesses' own web sites or subsidiaries' web sites. Laughs were had.
I don't know how a US host acting abroad would handle it though. I suspect they would apply the same rules everywhere.
Even if Linode really didn't have a single recourse, they still chose to go beyond their legal obligations and shut the site down early, with timing that at least looks deliberately calculated to cause the most damage. They don't deserve your advocacy.
if you are your own ISP, then maybe you can. AFAIK, no ISP or hosting provider in the US is going to risk it. most (all?) ISPs require the customer to remove the content first and ask questions later.
The bar to DMCA style takedowns is much higher in Europe. Hence the decision to host on Linode for a South African newspaper is ... odd. They should migrate to OVH/Hetz
In practical terms that means you can send emails but there's a 70% chance they'll land in the other party's spam bin.
Linode is an ISP, not a court of law.
Legally, it's not up to them to make this determination. If they are compelled to take down a site by law, then their opinion about the veracity of the complaint is not really relevant. Unless they want to defy the law in order to go out on a limb to protect a customer. Which is a lot to ask of any business.
This is a strong signal to customers to find a better ISP. One who plans on legal funds to defend customers against these bullshit dmca notices.
I would love to agree with you, but are you gonna pay someone $20/mo for Linode’s $5/mo service? Of course not; and therein lies financial ruin for the ISP.
The system is fucked.
Is there any business that would not do this, or would do the opposite?
Not that Linode is bad or anything; I'm super happy with them myself. But the way a company deals with abuse complaints (including takedowns) reflects the volume of these that they have to deal with, and the blowback they've experienced by overreacting.
If the provider is tiny, then takedowns are rare and interesting. They'll examine each one based on its individual merits. Though small companies don't have the resources to dump a lot of money into making things right, so they may just take the cheap route and kick you out.
If the provider is reasonably large, they'll get these all the time, and they'll have an automated and inflexible solution for dealing with them. It'll be heavily weighted on minimizing the cost to the provider, and will tend to overreact just to be on the safe side.
If the provider is huge (like, top N kind of huge) then they'll have started with the automated overreaction solution, but then they'll have had some massive disaster because their automated abuse system took down a client like Sony or the New York Times or something. So then the'll have dialed back their abuse system a bit and made it more expensive to run, but less prone to being destructive.
Nintendo and other companies are also abusing it to take down fair use videos by individuals on YouTube.
(This is same dynamic as Section 230, btw. It continues to astonish me that even the tech community is incapable of understanding the basic mechanisms)
Are you saying that the DMCA is explicitly being invoked by Nintendo and others, or are you talking more generally and including, for example, YouTube's Content ID system?
Whichever variation that is used is up to the copyright holder (legitimate or otherwise), and both are definitely used by legitimate actors for sometimes the most ridiculous of copyright claims (someone humming a song for instance).
These things are all very much extralegal, and used instead of the DMCA in many situations.
You can fix this by adding small cost. If counterclaim is filed and complaint maker is not moving the case forward, they should pay something. Even small sum like $1000 per dropped claim would likely stop this madness.
What happens when DMCA notice meets another one?
Welcome to Bad Law.
First of all, the Wayback machine may have captured the thieving site as well as the victim one. Of course, if you are going to make false copyright claims, you'd better set your robots.txt to exclude archive.org first.
Second, if you do manage to dispute and get a day in court, how would the thief prov they owned the material, if the actual content creator had proof of the date of authorship? Eg tweet a hash, photograph with newspaper headline, etc? Can court costs be recovered after proof of a false takedown?
There are the technical elements -- what many HN readers are familiar with in terms of development, back-end, front-end, and infrastructure tools.
There is the art of developing the content in the first place, including the methods in this case of investigative journalism.
There is the whole maelstrom of business models and monetisation, on which virtually all attempts have been foundering of late.
But there's also the legal side, both offensive and defensive. Pursuing sources, information, and disclosures. And defending the publisher against attacks, such as the one described here. The publication of Permanent Record highlights another element, that of contracts and publication risk when faced with a state-level actor and an alleged NDA privilege. There are famous battles against defamation or censorship lawsuits. And there is the pursuit of others who take content without payment or credit, claiming it for themselves.
In many histories of great publishing events and episodes, lawyers (and publishers with spinal, intestinal, and gonadal integrity) play a huge role, and publishing houses or newspapers as much respected for their solicitors as their journalists and editors.
It's not just a business that concerns getting words on a page, or screen. The words have to matter, the words have to be right, the lights must be kept on, the words distributed. And, if your business is afflicting the comfortable and comforting the afflicted, resisting and challenging some very motivated and extraordinarily capable adversaries.
This is something advocates of "citizen-based journalism", or peer-to-peer or federated technologies, or DIY technical solutions, of whom I very much count myself as a former and current member, have long failed to appreciate.
The Mail & Guardian's message here is one to remember.
Moreover, there's a 10-14 day waiting period before the ISP can allow the content to be put back online. It's a ridiculous process that allows anyone to take down any content for up to two weeks for any reason. Two weeks is an eternity in today's news cycles.
South Africa has had constant power outages
The title of this submission should be "CENSORED: How the M&G got taken down". Linode aren't the bad guys here and the title is flat-out misleading.
Was previously 'Linode Shut Down a Newspaper'
Edit: Thanks for updating the title