GitHub Promises To Alert Users To DMCA Notices Before Taking Content Down
from the interesting... dept
For many, many years, we've noted the serious problems of the DMCA's "notice and takedown" provisions -- which, arguably, violate the First Amendment. A potential alternative regimen, which would be much more reasonable, and avoid many of the censorship problems of the DMCA, would be to do a notice and notice setup, in which service providers would pass along notices to the user, with an established time period for that user to respond, either by fixing the issue or issuing a counternotice. Then the service provider could decide how to respond, in either taking down the content or leaving it up. Unfortunately, that's not how the current DMCA safe harbors work. The notice-and-takedown provision does not require immediate takedown, but heavily incentivizes it by granting the service provider immunity from liability if they take the content down. This doesn't mean that the service provider is automatically liable if they choose not to take the content down (courts have found service providers to still be protected otherwise), but they can't use the simple and quick process of the safe harbor to get any lawsuits dismissed. Rather they might have to go through the full process of the lawsuit. Thus, some companies immediately take down all requested content in response to a DMCA request, just to give themselves protections under the safe harbor. Many, more reasonable, companies at least do a first-pass review over how legitimate the DMCA notice is, rejecting obviously frivolous ones, but still quickly taking down plenty of content (often mistakenly).Github, the super popular site for storing software repositories has been hit with more than a few DMCA notices in its time -- in fact, it has a repository publicly listing them all. Just recently, we had noted some controversial ones, including Qualcomm shutting down its own repository and the MPAA taking down Popcorn Time repositories, despite them containing no MPAA copyright covered material.
Github has now made a very interesting move in changing its DMCA process to one that is basically a notice-and-notice policy, and one which also does not create collateral damage for non-infringing forks of projects.
- First, whenever possible, users will have a chance to fix problems before we take content down.
- Second, we will not automatically disable forks in a network based on the takedown of a parent repository unless the takedown notice explicitly includes them.
- Last but not least, we've published a completely revamped DMCA policy as well as a pair of how-to guides for takedown and counter notices to make our process more transparent and easier to understand.
The first change is that from now on we will give you an opportunity, whenever possible, to modify your code before we take it down. Previously, when we blocked access to a Git repository, we had to disable the entire repository. This doesn't make sense when the complaint is only directed at one file (or a few lines of code) in the repository, and the repository owner is perfectly happy to fix the problem.It's absolutely true that this seems like a much better overall policy for everyone -- but it's still surprising (if unfortunate that it's surprising) that any company would be willing to take such a step, since, technically it's opening the company up to some amount of greater liability -- and lawyers tend to be averse to any move that may increase a company's legal liability. So, kudos to Github and its lawyers for recognizing that sometimes you have to let in a little legal risk for the good of the overall community.
In practice, our support team would often shuttle messages between the parties to work out a way for them to fix it. That usually worked out well and everyone ended up happier at the end of the day. So we are making it a formal part of our policy, and we are going to do it before we disable the rest of the repository.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: copyright, dmca, liability, notice and notice, notice and takedown
Companies: github
Reader Comments
Subscribe: RSS
View by: Time | Thread
You keep using that word. I do not think it means what you think it means
CDA 230 is a safe harbor. The DMCA Takedown system is not. The difference? There are two, both very significant. First, CDA 230 doesn't come with strings attached that turn it into a tool of extortion by giving the bad guys leverage. And second, there's a long history of people successfully using CDA 230 to have bad lawsuits thrown out. But name even one case in which the DMCA Takedown system's alleged "safe harbors" have protected a company that the bad guys wanted gone.
Go on, I'm still waiting...
[ link to this | view in chronology ]
Re: You keep using that word. I do not think it means what you think it means
[ link to this | view in chronology ]
Re: Re: You keep using that word. I do not think it means what you think it means
[ link to this | view in chronology ]
Re: Re: You keep using that word. I do not think it means what you think it means
So my challenge stands: name even one site that the DMCA's alleged "safe harbors" have ever managed to actually keep safe.
[ link to this | view in chronology ]
Re: Re: Re: You keep using that word. I do not think it means what you think it means
Lots and lots and lots of companies NEVER GET SUED thanks to the safe harbors.
Flickr, Imgur, Wordpress, Tumblr, Soundcloud, Vimeo, Reddit, Pinterest, Facebook, Twitter -- all regularly rely on the DMCA safe harbors to prevent lawsuits from ever starting.
To claim the safe harbors are useless is to profess pure unadulterated ignorance of reality.
[ link to this | view in chronology ]
Re: Re: Re: Re: You keep using that word. I do not think it means what you think it means
But there have been many cases when what the copyright interests wanted wasn't to extort a site, but to destroy it. Just look at MegaUpload, YouTube, Aereo, and any number of similar cases. In every case, it's come out that they bent over backwards to comply with the law and even go above and beyond its formal requirements, but that didn't help. Has there ever been even a single case when these so-called "safe harbors" kept a site safe when the bad guys wanted it gone?
[ link to this | view in chronology ]
Re: You keep using that word. I do not think it means what you think it means
It should be interesting to see how this will play out. I'm willing to bet the MAFIAA will try to sue Github to try and extract some secondary/tertiary/etc liability ruling from it, green light to send thousands of automated, unrevised takedown notices and free money. Github must be expecting any time now. I say it will happen in the next month (or week after their lawyers recover from all the cocaine and hookers bought with the money that should actually be going to the artists).
[ link to this | view in chronology ]
Re: Re: You keep using that word. I do not think it means what you think it means
[ link to this | view in chronology ]
Re: Re: You keep using that word. I do not think it means what you think it means
[ link to this | view in chronology ]
Re: You keep using that word. I do not think it means what you think it means
You keep bringing this up and you're wrong every time.
It is a safe harbor. It says "if you meet these conditions, you're safe." That's what a safe harbor is.
I agree that it's not a great safe harbor *for users* and that CDA 230 is a GREATLY preferable safe harbor, but it is still absolutely a safe harbor.
But name even one case in which the DMCA Takedown system's alleged "safe harbors" have protected a company that the bad guys wanted gone.
YouTube.
[ link to this | view in chronology ]
Re: Re: You keep using that word. I do not think it means what you think it means
Not when the conditions turn it into a tool of extortion. Then it's a tool of extortion.
No. Not only is it horrible for users, as I've been pointing out all along it's horrible for sites as well. It takes extortion and gives it legal protection, and if what the bad guys want is to be rid of you and your meddling innovative business model, if they actually see you as a threat, it does nothing to protect the sites and you know that just as well as I do!
YouTube? Seriously?
OK, you're gonna have to walk me through the chain of reasoning there because everything I've seen on the case (including your own coverage) says the exact opposite: in spite of the DMCA that theoretically should have protected it, they came within a hair's breadth of being sued out of existence, and would have if they hadn't been acquired by Google. It's why I've been using YouTube as one of the prime examples of why the DMCA Takedown system does not keep people safe.
[ link to this | view in chronology ]
Re: Re: Re: You keep using that word. I do not think it means what you think it means
[ link to this | view in chronology ]
Re: Re: Re: Re: You keep using that word. I do not think it means what you think it means
For the life of me I can't seem to recall the name, but there was another company in the same video hosting service, and despite winning every single case against it, it was still driven into bankruptcy and killed off, giving a good example of YT's likely fate had they not been bought up.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: You keep using that word. I do not think it means what you think it means
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: You keep using that word. I do not think it means what you think it means
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: You keep using that word. I do not think it means what you think it means
Safe harbor is meant to protect companies from the actions of their users, but doesn't seem to do much good if the other party wants to kill them off. At the same time though, I'd say that's not entirely the fault of the Safe Harbors, but has a lot to do with the extremely screwed up, 'The one with the most money wins' legal system the US has.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: You keep using that word. I do not think it means what you think it means
That's because that passage has been interpreted to mean something else. See Warner v. Hotfile and an article about it right here on TD: https://www.techdirt.com/articles/20131118/02152325272/warner-bros-admits-to-issuing-bogus-takedowns -gloats-to-court-how-theres-nothing-anyone-can-do-about-that.shtml
Of course, interpreting the penalty of perjury clause in this way effectively renders it meaningless. For someone to be liable under this interpretation, they'd have to be some kind of copyright vigilante, issuing DMCA takedown notices for rightsholders without their consent. And as we all know, that's such a HUGE problem, isn't it?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: You keep using that word. I do not think it means what you think it means
That's what Mason Wheeler is talking about. Had Kim Dotcom had deeper pockets and more political clout, he might not be in the situation he's in.
[ link to this | view in chronology ]
Re: You keep using that word. I do not think it means what you think it means
Actually, that is incorrect. Both are legal terms of art, so your arguments do not matter.
CDA 230 is an immunity. A service provider is immune from liability for statements of its users (non IP).
DMCA is a safe harbor (for copyright infringement). You have to go through steps (e.g. register an agent with the Copyright office, respond to notices timely, etc.) and if you follow the steps, you are granted safe harbor from liability you are not otherwise immune from.
[ link to this | view in chronology ]
We do not remove material from customer accounts ourselves, because there is always the chance that our messing around in their site can do unintended harm, so if the customer does not remove the material, their account is suspended. This also has the effect of getting a site owner's attention if they chose to ignore our notification email.
We also respond to all DMCA claimants and advise them that we have provided this 48 hour window, including organizations such as the MPAA, RIAA, IFPI, Microsoft, Blizzard, various individual US and international movie studios and record labels, and so on. They all seem perfectly fine with it.
[ link to this | view in chronology ]
Re:
That's messed up. Ill stay away from your medium-large hosting company.
[ link to this | view in chronology ]
Re: Re:
If you think that's messed up, blame the law, not my company.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
What would you have us do? If you've got a better solution, I'm all ears.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Removed Repositories
I'd advise everyone else to do the same frankly. Political agendas have no place in policing software.
https://gitorious.org/
[ link to this | view in chronology ]
Notice it doesn't say that users have a chance to dispute the claim. It's automatically presumed that they're in the wrong and should have to "fix" their project to satisfy whoever sent the claim.
Besides, since when has the DMCA allowed third parties to make copyright claims on code that they don't own? GitHub shouldn't be taking down any of these projects, they should be sending a reply to the organization making the claim, explaining that they do not hold the copyright on the code and that if they object to it, they should take it up with the author.
[ link to this | view in chronology ]
Notice it doesn't say that users have a chance to dispute the claim. It's automatically presumed that they're in the wrong and should have to "fix" their project to satisfy whoever sent the claim.
Yes, this. When being censored or punked by a competitor, there is nothing to fix.
[ link to this | view in chronology ]
How so? There is an opportunity to dispute.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Now, if every DMCA takedown notice was targeting material that was in fact infringing, we might take less of an issue with it. But the reality is different. The DMCA takedown process gets abused quite often. And the reality is that 10 business days on the Internet is an eternity. Having content disabled for that time can dramatically impact a website's livelihood. In addition, sometimes getting information out is time-critical and having it taken offline for 2 weeks can lead to other problems.
[ link to this | view in chronology ]
Re:
Note the link in that sentence? It goes to the explanation.
[ link to this | view in chronology ]
Because it was written by content industry lawyers for that express purpose. To them it's a feature, not a fault.
[ link to this | view in chronology ]
Do they? Can you actually explain the argument?
[ link to this | view in chronology ]
Re:
Anonymous Coward, Oct 18th, 2014 @ 2:42pm
Mike Masnick, Oct 19th, 2014 @ 6:26am
[ link to this | view in chronology ]