You break your own ToS and DMCA policies by banning users who repost youtube-dl code. You potentially also lose your safe harbor restrictions in the process.
Let's pretend for the moment that the original youtube-dl DMCA had been valid, or that you removed youtube-dl due to an innocuous mistake. If I post youtube-dl to MY account, you have NO reason to take it down until you receive another takedown request from the RIAA for my repo. You certainly have no reason to ban users. There is nothing in your ToS which this violates.
I work on education projects which use youtube-dl in legal, non-infringing ways. I don't think the RIAA has a legal leg to stand on for reasons I'm not going to get to in this post.
Until github starts following DMCA processes properly, I CANNOT respond to the existing takedown request, since I have no standing. It's not my repo.
The right course of action for me would be to:
(1) Consult my lawyer and figure out if this is a fight I want to pick. I'm pretty sure I'd win in court if this went all the way, but I might go bankrupt first.
(2) Post youtube-dl to my repo.
(3) Wait for a DMCA takedown notice.
(4) Respond to it with a counternotice, and litigate with the RIAA.
Because github has decided to act as an arbiter on behalf of the RIAA, rather than a neutral third party, I cannot follow this process. github short-circuits this process at #2 by threatening to remove the repo and ban my account.
I'm sorry that you've chosen to side with the RIAA against the Internet. I'm gradually moving my business to gitlab. This is approximately what people thought would happen as a result of the Microsoft purchase.
You break your own ToS and DMCA policies by banning users who repost youtube-dl code.
You need to re-read the Github TOS, because this is absolutely covered by it already (see Section F of their TOS).
You potentially also lose your safe harbor restrictions in the process.
That is false. They could lose their safe harbor if they did not respond to a presumptively valid DMCA notice.
Until github starts following DMCA processes properly, I CANNOT respond to the existing takedown request, since I have no standing. It's not my repo.
Pretty sure that the Legal Dept at Github knows more about the DMCA process than a random non-lawyer on HN. It's something they deal with on a regular basis.
Because github has decided to act as an arbiter on behalf of the RIAA, rather than a neutral third party, I cannot follow this process. github short-circuits this process at #2 by threatening to remove the repo and ban my account.
This is false.
Because github has decided to act as an arbiter on behalf of the RIAA, rather than a neutral third party, I cannot follow this process. github short-circuits this process at #2 by threatening to remove the repo and ban my account.
That is probably for the best. Customers with unrealistic expectations are not worth the effort to keep.
> You need to re-read the Github TOS, because this is absolutely covered by it already (see Section F of their TOS).
Section F says they can take down RIAA's account, not mine. Here is the section in full: "If you believe that content on our website violates your copyright, please contact us in accordance with our Digital Millennium Copyright Act Policy. If you are a copyright owner and you believe that content on GitHub violates your rights, please contact us via our convenient DMCA form or by emailing copyright@github.com. There may be legal consequences for sending a false or frivolous takedown notice. Before sending a takedown request, you must consider legal uses such as fair use and licensed uses. We will terminate the Accounts of repeat infringers of this policy."
> That is false. They could lose their safe harbor if they did not respond to a presumptively valid DMCA notice.
Had it been a valid DMCA notice, the required response under the DMCA is taking down the youtube-dl repo.
Their thermonuclear bomb was to take down other people's repos, ban accounts, and make random threats.
> Pretty sure that the Legal Dept at Github knows more about the DMCA process than a random non-lawyer on HN. It's something they deal with on a regular basis.
I'm pretty sure they do too, which is why their aggressive and technological legal response, combined with their CEO making public statements of sympathy for their victims, is so cynical, dirty, and dishonest.
They can be the good guy, and fight the RIAA. They can be a neutral party, and do their duty under DMCA. But fighting the RIAAs battles for then, and then making comments like Nat's? Sketchy and sleazy.
Even eighties/nineties Microsoft didn't do that. They went after people, but they were at least open about what they were doing -- they called Linux a virus and all sorts of other nasty things. They didn't pretend to like Linux while spreading FUD and mounting legal attacks.
On the other hand, I'm pretty sure the other random guy on the internet (you) doesn't know more than the first random guy on the internet (me).
> That is probably for the best. Customers with unrealistic expectations are not worth the effort to keep.
Depends on the cost, the context, and how those expectations manifest. Talk to any luxury good company serving the ultrawealthy for how not catering to customers with unreasonable expectations would serve them. Or any company selling to an athlete to promote a product. Or many small businesses who just won multimillion dollar B2B contracts. Or...
But in either case, I don't think expecting github to act honestly is an unrealistic expectation. Each time I've dealt with a dishonest company, no matter how good the deal looked, I came out behind. I think people were holding their breath to see what happens with github post-acquisition, and we just learned.
I love it when non-lawyers misread legal documents.
The TOS says that Github will take down the offending content (or if, necessary, account), not the copyright owner's account. Most copyright owners do not have Github accounts. Github is not a thing people use outside of programming.
Their thermonuclear bomb was to take down other people's repos, ban accounts, and make random threats.
This is the proper response to the petulant behavior of techies flaunting the original takedown. The end result would simply have been the RIAA issuing more requests, possibly even formal requests, which Github would have led Github to doing the same thing it did proactively.
You know why did it? To protect people from the legal consequences of their stupidity. Lawsuits are expensive, especially when you're in the wrong and the other side has a very large legal budget.
They can be the good guy, and fight the RIAA. They can be a neutral party, and do their duty under DMCA. But fighting the RIAAs battles for then, and then making comments like Nat's? Sketchy and sleazy.
Being the good guy in this situation is not fighting the RIAA. It's doing what the law requires to prevent disruption of services to their other customers, most of whom aren't opening flaunting the law.
Outside of the tech world, to the extent that people care about this conflict, they're wondering why techies are so intent on bullying non-techies just trying to protect their work. Outside of tech, people are struggling and many are unemployed. This is a PR battle that tech is losing.
> The TOS says that Github will take down the offending content (or if, necessary, account)
No. It doesn't say "offending content." It says "repeat infringers of this policy," referring to the aforementioned paragraphs.
> Github is not a thing people use outside of programming.
Which is increasingly close to zero major industries.
> The end result would simply have been the RIAA issuing more requests, possibly even formal requests, which Github would have led Github to doing the same thing it did proactively.
Exactly, and the opportunity for people with non-infringing uses, such as myself, to pick up the torch. It's a lot easier to take down youtube-dl than it is to take down obviously non-infringing educational tools used by kids to learn from home during a pandemic.
> It's doing what the law requires to prevent disruption of services to their other customers, most of whom aren't opening flaunting the law.
The law requires a very specific process. github went above and beyond that process, for no positive reason. The safe harbor provisions in DMCA hinge on being a "service provider," which is not very well defined, but the provisions were inspired by the concept of a common carrier.
If all I'm doing is hosting people's content, with no control over that, or providing bandwidth, or a caching layer, I shouldn't be liable for the actions of those people. Comcast has no liability for what I send over their network. If I run something illegal on AWS, that's not AWS' liability either. That's reasonable.
There's a fuzzy line from there to a service like github or Youtube, to a service like pip or npm, to something like the Debian package repository. If the Debian package repository, which is controlled and curated by Debian, has infringing content, Debian would almost certainly be liable.
github can be viewed as "like Comcast/AWS" or "like Debian," depending on how much control it exerts over what goes on github. Exerting more control than it absolutely needs to -- as it did in this case -- increases their liability in the long term. This shouldn't put them out of the service provider category, but a pattern of exerting control might.
I just looked over your post history. You've posted a whole bunch of posts which are both legally wrong, and show either fundamental, basic reading comprehension issues with your sources similar to the one in this thread, or you're intentionally spreading misinformation. I'm not sure which. Whatever it is, it's dangerous. You made false claims about the DMCA, github's ToS, and in other threads, about the EFF.
I'll post cites to sources, and then I'm done here.
Thanks, I needed the laugh. I love it when non-lawyers argue with me about the law because they always base their arguments on fundamental misunderstandings about what the law says or how the law works.
This whole thing makes me think of how Google goes "above and beyond" with Content ID on YouTube. Google had no legal obligation to build Content ID and preemptively take things down (and, as it turns out, way more aggressively than they legally need to be).
In the same way, it seems GitHub is preemptively telling people that if they re-post youtube-dl on GH, they'll be banned, even though GH has no legal responsibility to do so. It's really sad that they're siding with big business in all this, rather than their users, without whom they'd be nothing.
YouTube had to make Content ID because they were facing a multi-billion dollar lawsuit from Viacom. Had YouTube not been proactive, the court could have ruled that YouTube was widely used for piracy, and they’d be liable.
GitHub seems to be acting without a backbone. They’re owned by Microsoft, and can definitely stand up to legal challenges like this. Look at BitTorrent: The protocol and it’s code are legal despite being used for piracy. I don’t see why GitHub caves to every request to take down code that is clearly not violating any copyrighted material.
Also, the code itself does not break any copy protection and even if it did.. the code itself needs a user to execute it. Isn’t this how LAME was able to exist without violating mp3 patent laws?
Let's pretend for the moment that the original youtube-dl DMCA had been valid, or that you removed youtube-dl due to an innocuous mistake. If I post youtube-dl to MY account, you have NO reason to take it down until you receive another takedown request from the RIAA for my repo. You certainly have no reason to ban users. There is nothing in your ToS which this violates.
I work on education projects which use youtube-dl in legal, non-infringing ways. I don't think the RIAA has a legal leg to stand on for reasons I'm not going to get to in this post.
Until github starts following DMCA processes properly, I CANNOT respond to the existing takedown request, since I have no standing. It's not my repo.
The right course of action for me would be to:
(1) Consult my lawyer and figure out if this is a fight I want to pick. I'm pretty sure I'd win in court if this went all the way, but I might go bankrupt first.
(2) Post youtube-dl to my repo.
(3) Wait for a DMCA takedown notice.
(4) Respond to it with a counternotice, and litigate with the RIAA.
Because github has decided to act as an arbiter on behalf of the RIAA, rather than a neutral third party, I cannot follow this process. github short-circuits this process at #2 by threatening to remove the repo and ban my account.
I'm sorry that you've chosen to side with the RIAA against the Internet. I'm gradually moving my business to gitlab. This is approximately what people thought would happen as a result of the Microsoft purchase.