The MPA seems to be getting braver with these takedowns, considering how quickly the youtube-dl one got flipped around. This one seems particularly shaky as you could not use it to explicitly download anything - rather to host data of your own (with no explicit requirement for it to be unauthorized copyright violation).
EDIT: perhaps just a ploy to unmask the authors of the torrent site?
Sooner or later, one of these projects will counter-sue for misuse of copyright.
Misuse of copyright is when a copyright holder attempts to illegitimately expand the rights granted to them by their copyright in some work (in this case, quashing competition from distribution channels that are used to distribute unrelated copyrighted material).
The normal punishment for misuse of copyright is the rendering of the copyright unenforceable. The letter clearly sets the scope of the copyrights that would be at stake in this case:
" each of the major motion picture studios in the United States, specifically, Paramount Pictures Corporation, Sony Pictures Entertainment Inc., Universal City Studios LLC, Warner Bros. Entertainment Inc., Walt Disney Studios Motion Pictures, Netflix Studios, LLC, and their respective affiliates (collectively, the “MPA Member Studios”), which own or control exclusive rights under copyright in and to a vast number of motion pictures and television shows."
I'm not a lawyer, but misuse of copyright / trademark should be covered in any decent introduction to intellectual property law course. The MPA lawyers are either incompetent or working under the assumption that their clients are invincible / above the law.
I think pushing back on this take down notice would be a slam dunk case.
All you need for DMCA takedown notice is "a good faith belief" that reported content is infringing copyright you own (or is owned by someone you represent).
The opposing party has to prove that the claim was knowingly false and malicious for the claimant to be charged with perjury.
The opposing party has to prove actual damages in court to get any compensation. You may get legal fees back too (up to the court), but that's only likely to happen if it's obvious at the first glance that the claim was bogus.
This is all you can do to someone filing the notice. Notice doesn't even establish a jurisdiction (and cease-and-desist letter does) - so you can't counter-sue in your jurisdiction to get declaratory judgment that copyright is invalid.
Right. The DMCA was written with the advice of the copyright holders' lawyers (and by them in some cases) and activists and others fought against it as hard as they could.
Even in 1998, the US government was corrupted by money. It's worse today, but this has been happening a long time.
I suspect one could make a case, given the history of the MPA/MPAA that they've left both the realm of "good faith" and "belief" long ago. Each incident doesn't get to occur in a vacuum. You can't claim blissful ignorance forever.
Is there a history of bad faith claims in the courts? I suspect there isn't or at best very limited. It goes like this:
1. MPA sends a notice, content is taken down/disabled
2a) No response to takedown notice is sent, because the next step MPA can take after that is to take you to court. If you win the best case scenario is you recover your legal costs (but not the time). Content stays down.
2b) A response to takedown notice is sent, content gets restored. MPA doesn't go to court, unless it's a slam dunk case or it's important enough to bully someone into submission with legal costs (you pay those out of your pocket with hope of maybe getting most of it back at some point, possibly years later). Victim doesn't go to court for compensation, because it's almost certain that even with a resounding win what they recover is going to be less than legal fees.
The actual number of cases that see the courtroom is likely very, very small.
IANAL but best I can tell it is with regards to filing the takedown notice rather than taking them to court. If it is just the sending of a takedown notice, then holy fuck have they abused it.
Oh, most certainly they have abused it, no question about that.
The problem is if either side folded at notice / notice response step, then that abuse is visible only to platforms that receive those notices, not to the courts.
Could GitHub mount a case on this - that they (MPA) have been making so many of these these bogus 'good faith belief' requests over time that those words don't actually have any meaning anymore to them, and as such have been lying through their teeth when making them now?
I think the assumption is true in this case, that "their clients are invincible / above the law." - they can lobby to create the laws themselves (which is what they did to create the DMCA in the first place) so they are in effect "above the law"
If you're an ISP, fully automated software sends DMCA notices for video content copyright violations all the time. There's no human in the loop anymore. If you see the vast bulk of these notices, a lot of them are spurious. It's a GIGO problem.
Even more entertaining, the bot has no idea what is or isn't legit. Ages ago I received a take-down from "The Internet Police" ordering me to remove all the Atari game updates from the FTP servers. Thing is, they belonged there. Atari paid us to run parts of their site, including game updates.
You have not met the staff of these orgs. It is actually not exaggeration to say they live in a media bubble where their studio chiefs are captains of industry that are infallible and are to be served with total fealty.
I once sat in a meeting where some VP at a major client asked (because they were technically daft) if it was possible -in not so many words- DDOS google because "they (google) have all this infringing content on their site"
I had to tell me boss "is anyone going to explain to that guy that what he's describing is A. not realistic and B. not legal?"
It seems to me that they are deliberately conflating "infringing someone's copyright" and "using to infringe someone's copyright" - there's a difference between "you have my copyrighted code in your github" and "you are providing software that can be used for copying my movie" - the first is what DMCA notices are for, not the second
Your last sentence is not true. The DMCA notice can be used for anything that the DMCA covers. One thing in the DMCA is:
> linking users to an online location containing [...] infringing activity
Extremely broad, but a link to a file sharing site with infringing content is also infringing. The DMCA notice can be used against the site containing the link.
That’s a good question. A strict reading would imply a single one, and would mean that only TPB would be infringing because they’re the ones “linking” to the content (they don’t host it). But it could easily be construed to mean a link to TPB is also infringing.
The problem with the DMCA is that it’s so broadly worded with not enough words defined. What is the definition of “linking”? After a quick skim, I couldn’t find it. Are only hyperlinks (<a> tags) counted? Or are magnet “links” counted (despite not taking you to the content, but telling you the hashes of the content)? There’s no clear answer.
Notice-and-takedown provisions are not just for things that actually infringe copyright, and the "DMCA notice" part may be an extremely easy misclassification of the letter sent to GitHub. More specifically, notice-and-takedown is for user-submitted content that is illegal or tortious to knowingly distribute. Copyrighted content is the main offender here, but there are other categories, especially "anti-circumvention" tools illegal under other provisions of the DMCA.
IANAL, and my limited legal knowledge is not of US law.
However, if you have copyrights which are of vast economic significance, to a very large number of copyrighted works, it seems unlikely that the law would would deprive you of all of that due to your suing someone for infringement. That seems highly disproportionate.
Now, don't get me wrong, I have no sympathies for the MPAA, but are you sure you're not overstating the effect of a "misuse of copyright" finding (regardless of the odds of such a finding being made)?
In Lasercomb v. Reynolds, and Practice Management Information v. American Medical Association the existence of an abusive licensing agreement allowed third parties to simply violate the copyright.
So, assuming misuse of copyright was found, precedent suggests the copyrights that were being misused would be rendered unenforceable.
A case finding that bad faith DMCA take downs amounted to misuse of copyright would be setting a new legal precedent, but, based on the facts in multiple recent DMCA takedowns, such a finding wouldn't be a huge logical leap.
The "copyrights that were being misused" seems to suggest specific copyrights. Is there precedent for voiding the copyright on Millions of works? Or even - multiple works whose individual copyright was not used specifically?
You can’t “counter-sue” for misuse of copyright, nor is it a “normal punishment.” It’s a defence you can use to avoid liability when someone else sues you, and an exceptional one at that [1]. As noted on Wikipedia, the court in Lasercomb [2] made it clear that copyright misuse does not render the copyright permanently unenforceable:
> This holding, of course, is not an invalidation of Lasercomb's copyright. Lasercomb is free to bring a suit for infringement once it has purged itself of the misuse.
Github needs to go on the offensive and begin to take action against fraudulent DMCA notices, including justification to seek damages for these claims.
IANAL, but I am pretty sure Microsoft has little recourse here. The requests would need to be knowingly fraudulent for recourse and that is a huge hurdle to prove that the MPA is knowingly acting in bad faith rather than just being overaggressive.
The DMCA desperately needs to be reworked at the very least.
If they can be sure there is no copyright violation, then what would the downside be? By not acting on the DMCA notice, they would lose their safe harbor, which would be inconsequential.
The downside is that the safe harbor protections apply to the entire site. Even if this content is fine, there is certainly some content on GitHub that violates copyright and Microsoft would want safe harbor protections in those instances. They therefore can't completely abandon the DMCA.
My understanding is that in order to continue participating in the DMCA the recipient needs to act on all requests. That doesn't necessarily mean they need to take down the content, just that they need to respond to requests.
There is also no penalty setup within the DMCA for sending a request in which the response is that the content is not in violation. The only part of the DMCA that sets up penalties for the requester is if the requests are made in bad faith. That basically would require Microsoft to show the MPA is malicious in their requests rather than incompetent. That can be difficult to prove.
>> The downside is that the safe harbor protections apply to the entire site. Even if this content is fine, there is certainly some content on GitHub that violates copyright and Microsoft would want safe harbor protections in those instances.
Hey! Finally a legal reason not to have massive centralization! OK my enthusiasm is exaggerated.
Well the material in question here is without a doubt not copyrighted by the MPA.
And the safe harbour provision only protects Github from hosting or referring people to infringing material, or material that's "subject to infringing activity" (which is different from what's being claimed here as nyaa is very clearly the object).
That said the DMCA contains all kinds of vague phrases, such as
> linking users to an online location containing [...] infringing activity
> Microsoft would never do that unless their hands were forced. Too much potential business with them.
The upside of Microsoft's acquisition of GitHub (and the entire strategy that resulted in the acquisition) is that Microsoft has created incentives for themselves to have GitHub being regarded as a truly open platform that you can depend on. Having repositories exposed to flimsy DMCA takedowns is not part of that.
Microsoft, very transparently, wants to make money by being important in how people develop software. If exposure to flimsy takedowns is a part of GitHub, then people will be more motivated to send their money to GitLab, Atlassian's stuff, or a bunch of other options. They have legitimate competition here.
Developer's opinions of GitHub and Microsoft in general may be of more longer term importance to them than the MPAA's opinion of them. I'm not saying that that is definitely the case (maybe they're still getting there), but it's worth acknowledging that Microsoft has legitimate actual cold money reasons to fight this. No need to rely only on personal convictions of the people at GitHub.
More effective would be those who are at orgs paying for Github Enterprise to express to their account managers they'll take their business elsewhere if Github is unable to defend it's platform from malicious actors.
Github don't care if you take your code elsewhere. They most definitely care about revenue (and developer mindshare a somewhat close second).
Such a claim is pretty weak, actually. MS would not be held responsible for code in someone's GHE instance any more than they would for a movie stored on an NTFS file system.
So the sales rep is likely just going to be confused by the attempt to use unrelated leverage.
No, but GHE is paid software. And not like it's impossible to migrate, it's just a fancy git frontend after all. Gogs/Gitea/Gitlab CE is completely capable of doing what it does.
Depends on how you do it. Of course if you want to move instantly then that's gonna be hard. But slowly moving isn't that bad, or creating new projects somewhere else and slowly porting old ones.
Even then, it's possible that just companies that planned to buy GHE will simply not buy it and use something open source instead.
Wrong, Microsoft’s internal incentives are aligned with GitHub remaining independent and building developer mindshare. The, relatively, minuscule business they get from MPA (No Azure, Office subs, Windows subs) is extremely fringe in comparison to losing long term developer mindshare. Even if you thought of representative companies in the MPA,e.g., Netflix, Warner, etc., which are only loosely coupled to the MPA itself, this is still tiny in contrast to overall developer mindshare. This is why they reinstated popcorntime etc etc.
I'm anxiously waiting for a quit-GitHub movement. I hold my source code there because of its popularity and "defaultish" nature. Of course I can go someplace else right now, but then people won't find my software.
The occasional prominent developer has left GitHub for GitLab, but it hasn’t made much of a difference. I don’t see organizations moving off GitHub if they’re already using it. I think GitHub is independent enough from Microsoft that the two could take different stances on these disputes. Certainly I’d expect a DMCA takedown of content on a Microsoft service like OneDrive to be ultimately handled differently from a takedown aimed at source code on GitHub...
Thankfully I am not yet required to sign on to github using 2FA that can only be confirmed on a Zune. Microsoft has been pretty good at leveraging github for the publicity of supporting developers (hosting informational streams and the like) while leaving the platform pretty independent.
I wouldn't be surprised if Microsoft viewed Github like McDonalds views the Ronald McDonald House - a long term PR investment that's well worth the marginal cost.
Except that Facebook has been integrating their sign on service into various acquisitions - using Zune (or any hardware) was quite hyperbolic of me. For a more even handed comparison: I'm not required to use a Live login to authorize with github.
I'm a bit doubtful of this. It's possible but Microsoft uses Live for both business and gaming, but they've only had a track record of forcing Live account adoption onto users in the gaming sphere. It may happen, sure, but I don't think it's likely.
That all said I didn't think it was likely that Minecraft would switch over to using Live accounts since Minecraft is so famously cross platform and Live accounts have struggled with that in the past.
They're also boiling the frog on Windows local accounts at the moment. It's no longer possible to set up a new install of Home, or Windows 10 (any SKU) in S mode with a local account without either disconnecting internet during installation or going back and converting to a local account after
Whether we contact our representatives or not, the MPA / Disney / etc have deeper pockets than we do.
We've reached the point where a candidate for the senate will only get the nomination and have a chance to be elected if they spend a significant amount of money on their campaign. There's no campaign limits, so if you don't spend much, you're liable to lose.
As a result, the people who run successful campaigns almost always have already agreed to side with the MPA and other interests that have money.
Us telling our legislature we're not happy about it won't help either because, well, what are we going to do? Vote for the person on the other party? Not likely. Vote for another guy? It's unlikely anyone else will even be on the ballot since both the democrats and republicans will avoid having multiple candidates to avoid splitting the vote within the party.
I agree that the problem is really legal at its root, but I think we need better plans than "contact your representative".
Deep pockets are only useful as a proxy for getting people to vote. What means more than deep packets is votes. If we can bring in votes that is far more powerful than money.
So get out there and convince voters that this is an important topic. The law will change fast if congress decides that not changing it will mean they are thrown out and some other person who will replaces them. So long as they think few people care it will get lib service. (also so long as there seem to be a signification amount of people on the other side nothing will change)
This year many high profile campaigns that spent the most money also lost, and the ones that won by spending the most were not "corporate" but were Bernie aligned.
Sanders, despite some reformist tendencies, is a also corporate-aligned. He is a staunch supporter of the Democratic Party and of its pro-corporate leadership; supports the military-industrial complex and most (not all) of its foreign interventions; and recently voted for the CARES act, which transferred huge amounts of wealth to large corporations.
Those "Bernie-aligned" elected members of the house have just recently chosen to support Hundred-Millionaire house member Nanci Pelosi for speaker of the house. They did not even do this in exchange for anything. Other Bernie-aligned representatives, already in office before this year, have also neglected to act against their pro-corporate party line.
So, the moneyed elites can indirectly win even if they ostensibly lose.
> and recently voted for the CARES act, which transferred huge amounts of wealth to large corporations.
That was a payroll support program like every other country did, plus airline bailouts which were good because they have giant union contracts.
CARES is the greatest anti-poverty measure the US has done in a hundred years and probably the largest downward transfer of wealth in the world. You didn't notice because all left-wing commentators decided to lie about it ("we only got $1200 checks") instead of reading about how the unemployment benefit worked.
While you may be able to point to one or two anomalies, we need more than that. If the MPA has the ear of 70% of congress, that's still enough to have their way on legislation, regardless of a few fringe elements.
is not necessarily incorrect. But it is also possible that it is the other way around:
being popular => receiving funding => winning
I.e. candidates which are more popular tend to have an easier time receiving funding. Or, it could be some combination. This would also explain the outcomes you point to.
Has there been even a single move away from ever more draconian copyright? Just the last budget bill had provisions for more criminal enforcement of copyright and with bipartisan support. If this is a slippery slope it's a steady and worryingly unstoppable one so far.
Civil disobedience through distributed systems seems like the only answer right now.
Your legislators can't hear you over the sound of millions of dollars from Hollywood getting deposited in their campaign accounts.
It's weird that we expect Github to do that, in a way. The repo might well be hosted on there for free, but we all want Github to spend a ton in legal fees to defend something they make zero cash from.
I'm not sure what my point is here other than finding it sad that code hosting is so centralised.
Github's market position is in no small part based on network effects and depends on nearly every open source project being hosted there.
Now imagine a competitor promising some kind of protection against these kinds of frivolous DMCAs. That could lead to a large chunk of media, p2p and security software moving there, threatening Github's position in those niches and putting that competitor on more equal footing.
I think it's in Github's interests to push back on this. MPA's dubious legal requests likely cost Github time, money, and PR to resolve properly. It adds up over time and I doubt any company wants to be caught in the middle of an arms-race conflict like this, nipping it in the bud could very well be worth the upfront legal fees.
I imagine MPA would also be emboldened by this if Github removes the Nyaa repository forever on what is basically a pretty flimsy basis ("Nyaa.si uses the code and that's a piracy website so the code itself is piracy").
>A better way would be to start excluding MPA and their behaviour in our open source licenses.
This is a remarkably good idea. Add an explicit clause to major open source project licenses that disallow use by the MPAA and similar groups, along with enough explicit damages spelled out to give it teeth.
I think they already know the guys behind the website. From an article [1] mentioned by [2] :
Documents obtained by TorrentFreak dated September reveal the MPA, acting through legal representatives, attempting to pressure individuals who they believe are important at Nyaa and could have the ability to shut the site down.
...
While emailed threats are still a common anti-piracy strategy, we are informed that at least two of the individuals were personally served with legal documents at their homes. Others were served with similar documents via regular mail.
The Nyaa.si devs addressed those notices described in the torrentfreak article on their twitter back in November:
> To briefly address this, we have no plans to shutdown or quit at this time. If we do choose to shutdown eventually we will make a public database dump for any successor entity to use, we will not be just disappearing like our predecessor site leaving everyone else on their own. [0]
> By the way what the fuck is an "anime cartel" MPA? Do we sell cocaine now in your head-canon? Please limit your fanfic posting in public, it is giving me second hand embarrassment. [1]
>EDIT: perhaps just a ploy to unmask the authors of the torrent site?
Who needs to respond to the DMCA claim with a GitHub repo? If I'd contributed to the source code repository but wasn't involved with hosting the site (I imagine there's quite a few of these), can I file a counter claim?
The youtube-dl demands were from the RIAA (Recording Industry Artist’s Association). This is from the MPA (Motion Picture Association), the only one of the three major supporters of SOPA and PIPA that GitHub’s parent company (Microsoft) is not an official member of (the third is the ESA — Entertainment Software Association).
When it comes to case law, they have to show intent, and the way they do that is they have to show their software is used for more than just piracy.
So, eg, if it's generic torrent tracker software, it's fine, because anyone can use it in a legitimate way (though it helps if someone actually is using it in a legitimate way), but if this is just for the site nyaa.si and no other trackers, they might lose this case if it goes to court.
"""
See Metro-Goldwyn-Mayer Studios, Inc. v. Grokster Ltd., 545 U.S. 913, 940 n.13 (2005) (“the distribution of a product can itself give rise to liability where evidence shows that the distributor intended and encouraged the product to be used to infringe”)
"""
EDIT: perhaps just a ploy to unmask the authors of the torrent site?