Freedom of Speech and the DMCA: Abuse of the Notification and Takedown Process

Last month, my first academic journal article was published by the leading international publication on IP law: the European Intellectual Property Review from Thomson Reuters.

From the abstract:

The Digital Millennium Copyright Act’s “notice and takedown” process is increasingly referred to as a model solution for content removal mechanisms worldwide. While it has emerged as a process capable of producing relatively consistent results, it also has significant problems—and is left open to different kinds of abuse. It is important to recognise these issues in order to ensure that they are not repeated in future legislation.

To that end, this article examines the DMCA with reference to its historical context, and the general issues surrounding the enforcement of copyright infringement claims. It then goes on to discuss the notice and takedown process in detail—along with its advantages, disadvantages, criticisms and praise. Specific examples of the kinds of abuse reported by online service providers are outlined, along with explanations of the statutory construction that allows these situations to continue. To finish, the viability of potential alternatives and proposed changes are discussed.

The article itself is available on WestLaw, citation: E.I.P.R. 2019, 41(2) at 70However, you can also get a copy of the PDF below.

Freedom of Speech and the DMCA: Abuse of the Notification and Takedown Process (PDF)

This material was first published by Thomson Reuters, trading as Sweet & Maxwell, 5 Canada Square, Canary Wharf, London, E14 5AQ, in European Intellectual Property Review as ‘Freedom of speech and the DMCA: abuse of the notification and takedown process’.
E.I.P.R. 2019, 41(2) at 70 and is reproduced by agreement with the publishers. This download is provided free for non-commercial use only. Further reproduction or distribution is prohibited.

Advertisements

How to Submit (Valid) DMCA Takedown Notices

So you’ve discovered that a website is using something you’ve created without permission, and you want them to stop. The quickest route to make this happen is to submit a ‘DMCA takedown notice’, though the process itself can seem daunting if you’re not familiar with the language involved.

In short: The Digital Millennium Copyright Act, or ‘DMCA’ is a piece of American law that provides a mechanism for copyright holders to have allegedly infringing material taken down speedily from the Internet without having to resort to legal action – whilst also protecting the online service providers from liability for the actions of their users.

Should you wish to follow up on the unauthorised use of your works online, this guide will give an idea of what’s involved, and how to submit a formally valid notice. Having seen thousands of these takedown notices as part of my job, I know a fair bit about the quirks that are involved.

Things to Consider

Before submitting a DMCA takedown notice, there are some general things to bear in mind:

  • The DMCA is American lawAs a result, online service providers located outside of the US are not bound by its contents. There are similar provisions enacted in different jurisdictions, but generally the DMCA is seen as the industry standard. It is often the case that hosts will comply with valid takedown notices even if they technically are not required to by their local laws, but don’t expect bank on this.
  • Takedown notices do not prevent the spread of the material. Just because you manage to get something removed from one host, doesn’t mean that it won’t pop up again somewhere else – much like the ‘whac-a-mole’ game you see in American films. Sometimes giving attention to one instance of infringement can lead to a multiplication of the problem, rather than a solution. As a result, you need to question whether taking action will be worthwhile, or whether sleeping lions are best left undisturbed. This is relevant.
  • Not every use of copyrighted material is actionable. People are entitled to use copyrighted material without permission in certain circumstances, such as for the purpose of research, criticism, education, or news reporting; known as the ‘fair use’ doctrine. You have an obligation to consider this possibility before submitting a takedown notice for the use of content in which you hold a copyright interest.

The Takedown Notice

The DMCA takedown notice itself isn’t very complicated, but it does require a number of specific elements in order to be considered formally valid. It’s amazing how often people screw this up.

They are:

  • A signature from the copyright holder, or somebody who they have authorised to act on their behalf. This can either be a physical, or electronic signature.
  • An identification of the material that is being used without permission. In other words, what photograph, text, or other content is it?
  • An identification of where the infringing material is located. Where exactly is the content being used without permission? Include a direct link to the page where it exists, and be careful not to include dynamic URLs, as this can delay the process.
  • Details to allow the service provider to contact the complainant, such as address, telephone number, or e-mail address.
  • A ‘good faith belief’ that the material’s use is not authorised by the copyright owner, agent, or the law.
  • A statement that the notice is ‘accurate, and under penalty of perjury, that the complaining party is authorised to act on behalf of’ the copyright holder.

That’s all. There are various examples available on the web that add in a whole lot of extraneous information about the obligations of service providers and so forth, but legally this is not required. Whilst some smaller hosts may be intimidated this approach, the extra verbiage more often than not can seem as if the complainant is clutching at straws in a desperate bid to have material taken offline.

Some things that are worth noting:

  • You can have somebody submit the DMCA takedown notice on your behalf, if you would rather.
  • The signature must be of a person. This sounds obvious but in other words, you can’t sign your company name – it must be either yours or the third party acting as your agent for the submission.
  • Though some service providers specifically ask for it, the DMCA does not require you to provide all of your contact details. As a general rule, I would only supply the minimum necessary, and avoid giving up personal phone numbers and addresses This is particularly true as a copy of the notice can often then forwarded on to the user who published the material in the first place (depending on the policies of the host in question). An e-mail address should suffice.
  • If you do not want to supply your own details, the DMCA allows for you to submit a takedown notification through a third party agent, acting on your behalf.

A sample DMCA takedown notice is as follows:

Subject: DMCA Takedown Notification

To whom it may concern,

This e-mail is notification under USC 17 §512, the Digital Millennium Copyright Act (DMCA), of instances of copyright infringement operating on site(s) under your control.

The copyrighted work at issue is as follows:

** INSERT DESCRIPTION OF COPYRIGHTED WORK **

The unauthorized, and infringing copy is available the following URL(s):

** INSERT URLs WHERE THE COPYRIGHTED WORK CAN BE FOUND **

I have a good faith belief that use of the copyrighted materials described above as allegedly infringing is not authorized by the copyright owner, its agent, or the law.

I swear, under penalty of perjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.

I demand that you expeditiously remove or disable access to the material in question.

I may be contacted on:

** NAME **
** ADDRESS **
** TELEPHONE NUMBER **
** E-Mail Address **

The following should be considered my electronic signature for the purposes of §512(c)(i):

** TYPE OUT FULL LEGAL NAME **

This can be downloaded over on Github.

PROTIP:

  • Don’t submit these DMCAs by post, or in PDF format. Unless you want to be really, really annoying (which you might!), this will only serve to slow down the actual process of getting your material removed, which should really be the priority.

The Process – What Happens Now?

Once you have submitted a valid DMCA takedown notice, the process is as follows:

  • The online service provider must act ‘expeditiously’ to ‘remove or disable access to’ the material that you have identified as infringing upon your copyrights.
  • The user who published the material has the option to submit a counter notice, asserting their right to legally use the material. At this point you will be notified, and if you do not give notification of beginning legal proceedings, the content in question will be restored between 10 and 14 days after the submission of the counter notice.

So there are a number of possibilities for what could happen:

  • Nothing. The service provider ignores your takedown notice, which can happen for a variety of reasons (such as their location outside of the US). At this point you are left with little option but to undertake legal action to have the material removed.
  • The material is removed by the service provider, and stays offline. The best possible outcome.
  • The material is removed by the service provider, but a counter notice is received shortly thereafter, leading to it being restored within the 10-14 day window unless you pursue legal action.

NB: This is not to be taken as legal advice.

Blow Struck by WordPress.com Against Fraudulent DMCAs

Abuse of the American online copyright takedown system (DMCA) is rife. People frequently submit fraudulent notifications to online service providers in order to censor views that they disagree with, curbing legitimate freedom of expression. Examples include those trying to stifle negative reviews about their businesses or products, preventing political satire, and even inappropriately targetting the normative use of a trademark.

All too often, OSPs simply shrug their shoulders when confronted with these scenarios, and process the notices anyway in order to avoid losing their safe harbor protections. Even when alerted to what’s going on in specific circumstances, many choose a policy of non-intervention, rather than to defend their users.

The result of one of two cases which were filed by Automattic in response to fraudulent takedown notifications submitted concerning material posted by WordPress.com was released a few days ago, Westlaw citation: 2014 WL 7894441. The judgement concerned a notice sent by a group called ‘Straight Pride UK’, who objected to the publication of an e-mail interview which a journalist Oliver Hotham had conducted. Under §512(f) of the DMCA, Automattic were awarded a total of just over $25,000 in damages – $960 of which was for Hotham’s time.

The outcome was a ‘default judgement’, as the defendant’s (unsurprisingly) didn’t turn up to the hearing, despite being served properly through the standard international processes. It’s unlikely that either Automattic or Hotham will ever see any of the money, so it is largely a symbolic victory. However, it should not be dismissed too quickly, as the case highlights a number of important issues:

  • The DMCA is frequently abused, with few consequences for those who misrepresent their copyrights
  • Taking action against this abuse is expensive, and happens extremely infrequently
  • Enforcing damages against those from outside the US is difficult, and so there is a hole in the remedies available where those who abuse the system fall into this category
  • Even where organisations or individuals are resident in the US, major online service providers do nothing about the fraudulent notices they receive that could be actionable
  • In order for damages to be awarded, material must be removed as the result of a misrepresentation. There are no consequences for fraudulent notifications that are caught by diligent service providers first – at their own risk

The DMCA is a blunt tool that has an incredible power to silence dissenting voices without recourse. The only way in which this is going to change is if service providers begin to stand up against the abuses, using the considerable resources as their disposal – both to further the conversations in this area, and also to take legal action where possible.

Transparency: I am a Community Guardian for WordPress.com.

 

DMCA Rejection Retaliation

Every day WordPress.com receive a sizeable number of DMCA takedown notifications, and every day I personally reject a fair number of them for being incomplete, invalid, or fraudulent.

Many of those who find their takedown notifications being rejected are displeased with the decision, used to service providers choosing to automatically process them, shifting the burden of proof onto the user, rather than take on the risk of liability for themselves. Unsurprisingly, this displeasure is often most aggressively expressed by dedicated third party agents whose sole business model is based on scouring the web for potentially infringing acts, and who get paid per removal. Some people may say that with a results-driven financial incentive to have material taken offline, that there is more of a chance for the DMCA process to be used inappropriately – but that’s something you’ll need to make your minds up on independently.

Yesterday a colleague let me know about one such organisation that had evidently found some of their notifications rejected in the past, who had then chosen to take to Twitter to voice their displeasure about me doing my job.

Screen Shot 2015-02-24 at 23.49.14

The image they linked to was of me, lying on the grass clutching a bottle of Buckfast – the weekend of the Queen’s Jubilee, if memory serves correctly.

The one they used wasn’t really very good quality though, so here’s a higher resolution one incase they want to try again:

crail

I’m not entirely sure what they were trying to achieve to be honest. It’s not as if pictures of me intoxicated are really all that hard to find, after all. My occasional penchant for Buckfast isn’t exactly a secret at Automattic either, given that I did my first annual ‘flash talk’ at the all-company Grand Meetup in Utah on the ol’ tonic wine.

Somebody (who shall remain nameless) suggested we reply to say:

Even smashed on Bucky, Clicky Steve knows more about the DMCA than RemoveYourMedia

Which is so beautiful it almost brought a tear to my eye.

That wasn’t the only tweet they aimed at me though.

Screen Shot 2015-02-24 at 23.49.26

It’s pretty bizarre that they would choose to use that case about Napster to illustrate the potential liability for service providers guilty of contributory infringement, since there are far more recent, compelling, and relevant judgements they could have made their point with. Ah well, better luck next time, eh? As far as I’m aware they never actually sued after these bold statements on social media, but maybe they’re still preparing the paper work.

At the end of the day, whilst this has given me a hearty chuckle before I turn in for the night, there’s no getting away from the fact that it’s not only petty, but ridiculously unprofessional. Making ad hominem attacks on employees of a company for rejecting your legal demands is pretty sad. If I was a copyright holder, I wouldn’t be too impressed to find the agency I had employed to protect my intellectual property deploying tactics like this. Then again, it might be a bigger deal if they had more than 1200 followers…

In the world of the DMCA, there’s only one thing dumber than submitting bogus takedown notifications, and that’s having a tantrum on Twitter when your bogus takedowns are rejected.

Hyperlinks, Copyright Infringement, and the DMCA

Hyperlinks are a fundamental part of the core fabric of the web. As the basic tool used to connect pieces of information together, it’s difficult to imagine how the Internet could function without them. 

Despite its critical nature, the role of hyperlinks has attracted the attention of those seeking to prevent particular kinds of information from being shared. One of the prime examples relates to copyright, and efforts to disrupt the dissemination of materials without authorisation. As part of this, the delivery mechanism of the hyperlink – as well as the infringing act itself – has come under fire.

Hyperlinks and Case Law

There is not a sizeable wealth of case law available that directly relates to the question of whether a hyperlink can constitute copyright infringement. As a result, discussions concerning potential liability often draw upon analogies taken from older cases – sometimes with judgements over a century old – in order to apply established legal principles to the uncertainties thrown up by technological evolution.

In the case of Hird v. Wood from 1984, the defendant was seated near to a sign on which defamatory messages were displayed. Despite not having created the sign, it was held that he incurred liability simply through the act of drawing attention to it. In the later case of Byrne v. DeanHird was referenced, the judge noting the following:

If defamatory matter is left on the wall of [a] premises by a person who has the power to remove the defamatory matter from the wall he can be said to have published the defamatory matter to the persons who read it.

Applied to our topic, it would appear that this principle would impose an obligation on the operators of websites (as well as their hosts) to remove hyperlinks that led to illegal material.

The Supreme Court in Crookes v. Newton did not completely accept the above analogy. Instead, they found the argument put forward by the respondent to be more persuasive: a comparison between hyperlinks and footnotes. In other words, both are ‘content neutral’, communicating the existence of something, but not necessarily commenting on the content. This view is one also supported by Tim Berners-Lee, credited with the creation of the World Wide Web:

The intention […] was that normal links should simply be references, with no implied meaning.

However, the court also recognised that the Internet is ‘a potentially powerful vehicle’ for defamation, and that the context itself was important in establishing possible liability. In the words of the court:

Individuals may attract liability for hyperlinking if the manner in which they have referred to content conveys defamatory meaning.

Analogy is one instrument that can be used when considering the relationship between the use of hyperlinks and the law; powerful, albeit imprecise. The issues involved in real life situations are more complex than can be addressed by analogy alone, and courts have often taken differing approaches in making their determinations.

One of the first cases to directly challenge the legality of the use of hyperlinks, and their potential to constitute an infringement of copyright concerned their use on the website of a Scottish newspaper named the ‘Shetland News’.

The links in question were published on the Shetland News website. They took the form of headlines copied from the site of a rival paper: the ‘Shetland Times’. By visiting the Shetland News website and clicking on these links, visitors were taken to the corresponding articles on the Shetland Times website. Confused yet? The way things were set up meant it was possible to completely avoid having to visit the Shetland Times’ homepage, and therefore missing out on its advertising. As a result, the Shetland News website was receiving ad-based income for providing direct links to articles that they themselves had not authored. 

Understandably, the Shetland Times weren’t too pleased about this, and succeeded in having the use of the links halted through the use of an interim interdict. The reasoning for the decision was that the links came in the form of headlines that had been copied verbatim from the other site, and so there was potential copyright infringement. Disappointingly from an academic point of view, the case was settled out of court, with no final judgement made on the actual liability arising from the use of the links.

One of the first significant cases in the US regarding the status of hyperlinks was that of Kelly v. Arriba Soft Corp. This concerned the display of thumbnail images from a professional photographer’s website in search results. The images were available both as resized thumbnails, and full sized previews, which is akin to the functionality provided by Google Images. Arriba was sued for copyright infringement, and the appeal judgement from the Ninth Circuit Court in San Francisco found that the thumbnails were protected under the doctrine of fair use. However, there was liability incurred for the displaying of the images in a new display window – a practice known as ‘in-line linking’. After an amicus brief filed by the EFF, the judgement was revised; the concerns about the in-line linking removed, with the fair use affirmation standing. 

In the case of Intellectual Reserve, Inc. v. Utah Lighthouse Ministry, Inc., the court found that hyperlinks pointing towards illegally distributed material could in of themselves be considered to be contributory copyright infringement. In this particular situation, the facts were complicated because the owner of the website in question had originally stored copies of the protected content on their own servers, before replacing them with hyperlinks to copies stored elsewhere. It was the context of these actions that was important – echoing the ratio decidendi in Hird.

One of the more commonly cited cases in this area is the infamous Grokster case, in which the Supreme Court introduced a new potential for liability: that of inducement. It was held that where technology is created for the intended or actual purpose of encouraging its users to breach copyright, then the creators themselves could be held liable for contributory copyright infringement. Ultimately, Grokster was shut down. Despite the concern by service providers over the precedent of this case, the facts were very particular to this situation, with the platform actively fostering the ‘blatant and overwhelming’ infringing activity of their users. It is extremely unlikely that the same definition would be applied to the majority of contemporary online intermediaries.

Hyperlinks, the DMCA, and Contributory Infringement

Online service providers often receive DMCA takedown notifications that target hyperlinks leading to allegedly infringing material, rather than material that resides on their servers. They are faced with an interesting quandary as a result: whether or not to remove the link.

On the one hand, hyperlinks generally do not constitute copyright infringement. However, it is the context that is the determining factor when considering potential for liability. A link created by a user to illegal material may well be infringing, but where does this leave the service provider?

Service providers are afforded safe harbor immunity from the infringing actions of their users, provided they ‘remove or disable access to’ material upon receipt of a valid DMCA takedown notification. However, it is unclear how this would apply in the case of hyperlinks. In our example, the infringing material itself is located on servers out-with their control, but there is still potentially infringing activity taking place on their platform. Would a host be liable for a failure to remove a hyperlink to material, where that hyperlink was found to be an infringing act, based on the context?

We can take some insight into how the decisions of future courts may fall in this scenario by considering the ‘server test’ discussed in the Perfect 10 cases. Here, the facts concerned the display of websites in Google’s Image search that were infringing upon the copyright interests of the plaintiff. It was found that Google was not liable for direct infringement on the basis that the material at issue did not reside on their servers, and was served up from another host through their use of framing, or ‘in-line linking’. With regards to contributory infringement specifically, the court held that there was no liability, as the infringing activity itself would still exist irrespective of whether or not Google Images existed. In other words, they were not found to be encouraging the copyright infringement.

In Flava, the defendants were operators of a ‘social bookmarking’ service called myVidster that allowed users to share videos from different locations around the web, which were then embedded on their platform, served up from the original locations. They were sued for contributory copyright infringement, based on the actions of users that were sharing clips that had been uploaded without authorisation.

The service provider had already received a number of takedown notifications regarding the material, and it was argued that they had not taken enough action as required to qualify for safe harbor protections. However, that is not the be all and end all. In the words of the court: ‘a non-infringer doesn’t need a safe harbor.’ The parties who uploaded the videos in the first place were the ones whose activity was infringing, and the question is whether myVidster had encouraged their infringing activity to an extent that constituted contributory infringement. The court did not find this to be the case, holding that myVidster was neither a direct or contributory infringer. In other words, they were too far removed from the infringing activity, 

My View

Irrespective of the potential for individuals to incur liability based on the context of hyperlinks which they create, the application of the DMCA should not extend to their removal.

Part of the criticism of the DMCA is that there is a substantial burden placed on copyright holders to track down and report instances of infringement across the web. Much like the mythological Hydra, as one falls, more spring up to take its place. Slaying the beast requires attacking the root of the problem; treating hyperlinks as valid subjects of takedown notifications is to mis-understand the task, and only serves in the creation of extra conceptual heads to pursue.

Rather than target hyperlinks, the focus of enforcement efforts should be on the actual source of the infringing material: the host. Take out the location pointed to by hyperlinks, and they are instantly rendered obsolete. This is not only a far more effective approach in tacking infringing activity, but one that also avoids creating extra and unnecessary work. Financially, this means less is paid to third party agents such as DMCA.com, whose revenue is based on successful takedown notifications.

The DMCA is already a blunt, and powerful tool. Abuse of the system is rife, and often deployed for the purposes of censoring legitimate expression, rather than to curb copyright infringement. To extend its remit to include the removal of hyperlinks is a dangerous step, that fundamentally alters our relationship with a core structural element of the web, and risks a (further) chilling effect on freedom of speech.

Despite recent case law seeming to support this principle, the judgements have been extremely dependent on the circumstances involved, and there has been no definitive authorities. As a result, it is up to online service providers to shape the approach to the issue, rejecting DMCA notification takedowns that concern hyperlinks. Policy decisions such as this create the normative frameworks that have the power to help ensure or hinder a free and open web, and it’s critical that tech companies lead the charge, rather than taking a minimum risk stance.

Automattic/WordPress.com fight back against Censorship

WordPress LogoAutomattic – the company behind WordPress.com, have taken a decisive step in the fight against bogus DMCA claims.

Under the Digital Millennium Copyright Act, people can submit a takedown notice to web service providers where their intellectual property is being used without permission. This is the legislative attempt to protect hosts like Google, WordPress, Tumblr, etc from being held responsible for the content that their users post – provided that they swiftly restrict access.

However, whilst this system is designed to give a balance between protection and enforcement, the reality is that many times it is abused by those who wish to silence critics, or to censor views with which they disagree. The Church of Scientology infamously issued thousands of DMCA takedown notices to stop the spread of anti-Scientology views on Youtube, for example. This tactic is highly effective, as the content is almost always restricted (at its peak moment of attention), and the process to challenge the notices (a ‘counter notice’) isn’t something that creators are, or arguably should be, familiar with. In effect, it becomes a virtual game of ping-pong, with the burden of proof shifting to the ‘author’ of the content to prove that they actually have the rights to publish. Sites themselves can take action, but with the sheer volume of notices that they receive, it is often impractical, and rarely a route that businesses want to go down.

I’m both pleased and proud to see that WordPress are fighting back against two such bogus DMCA claims, as announced in this latest blog post, where you can find all the details of the two cases in question.

For the full text of the original post from Oliver Hotham – one of those that fell victim to the misrepresentative DMCA, continue reading below, where it is republished with permission.

Continue reading “Automattic/WordPress.com fight back against Censorship”