Slashdot Mirror
Ask Slashdot: Hosting Services That Don't Overreact To DMCA Requests?
tobiasly (524456) writes I run a few websites which are occasionally the target of bogus DMCA takedown requests. Even a cursory look at these requests would reveal that the content these requests try to have removed are not even eligible for copyright (for example, someone named "John Smith" decides he wants to have every instance of his name removed from the internet, so he claims he has a copyright on "John Smith", and the comment section of my website has that name somewhere.) I'm guessing most webmasters of sites with significant traffic face this problem, but I'm having difficulty finding information on domain registrars' and hosting providers' DMCA response policies. Most seem to over-react and require an official counter-response. I'm worried I'll miss one of these someday and find that my entire domain was suspended as a result. Both my domain registrar and hosting provider have forwarded these notices in the past. I'm also worried that they're forwarding my response (including personal details) to the original complainant. Which domain registrars and hosting providers have you found who handle these complaints in a reasonable manner, and filter out the ones that are obviously bogus? Which ones have a clearly stated policy regarding these requests, and respect the site owner's privacy? Some of these domains are .us TLD, which unfortunately will limit my choice to U.S.-based companies.
You don't get to pick and choose on a spectrum of "obeying the law." The DMCA is so poorly written that even a little hesitation or restraint causes a business to lose its liability protection under the "red flag" tests.
Pick a nation on the USTR's shitlist and host your stuff there.
In the case of the "John Smith": When someone sends a DMCA takedown notice, they declare under penalty of perjury that they have copyright on the work that they believe you are infringing upon. (If the are mistaken about the work - the one you published is not the one that they have the copyright for, or they are wrong about the infringing - you have a license, that's fine, but they _must_ have the copyright for _some_ work). So you can take them to court and give them an expensive lesson in copyright law and the DMCA law.
Takedown + waiting for a counter notice is not overreacting, it is the appropriate reaction. And of course they have to send your counter notice to the claimant. What are you afraid of? Just write in your counter notice to John Smith "I own the copyright on all the works on my site, and if John Smith thinks he can force me to remove an article about a different person with the same name, I'd like to know what drugs he is taking. "
A hosting service is there to run a business, not shield you from the legal process, even if it is being misapplied or abused. Their obligation is to follow the terms of the DMCA and that is all.
Any hosting service that did offer such a protection would need to charge the equivalent of having an attorney on retainer plus enough funds to fight it out, i.e. more than you could afford to pay for such hosting. Even then you wouldn't know if the attorney they hired was any good.
That filters out 99% of the garbage right there. Just look at their web site.
If you don't want personal info it as a business with a business address (po box works) and possibly a lawyer to write up the one copy paste counter notice you will ever need and pay them to deal with the inbound complaints.
If your just hosting remember your paying what a few bucks a month? DMCA notices are a cost they get shuffled in and out as quickly as possible. If you want them to look at them you need to be a bigger fish or worth there while so at least dedicated server if not a rack or more.
No sir I dont like it.
As a Canadian, I'm finding the USA's over reach getting more and more excessive, to the point that my next online business will avoid have anything hosted, purchased, programmed, owned or registered in the USA. It's getting to the point that in some circumstances, avoiding selling anything to USA customers saves tonnes of money and time with expensive lawyers... at the cost of 330 Million potential customers... but hey... there's over a 1 billion other internet users out there and growing.
Solution: Register .IO out of some Luxemburg or Monaco or other offshore registrar, then get bullet proof hosting and lastly apply a filter that throws out all DMCA emails. Problem solved?
No trees were killed in the making of this post; however, many trillions of electrons were horribly inconvenienced.
Seriously, if you are worried about downtime due to bogus DMCA requests and bizzare or unconstitutional law enforcement actions and court rulings, get rid of .com and .us domains and host everything outside the US, like in Switzerland or other parts of Europe.
They have been reasonably good at defending against a few unwarranted server shutdown requests. That's all I got.
See their CEO's infamous "...and, if left unchecked, a very frightening snake" reply to the UK government making INTERNET SERIOUS legal threats against them.
They host a lot of "on the right side of the law, but only just" content, they make clear exactly what they ban, and they make clear that as long as their customers are obeying the law, they will defend them at all costs.
Plus they're cheap and awesome.
No connection, just a satisfied customer.
"Some of these domains are .us TLD, which unfortunately will limit my choice to U.S.-based companies."
Make a landing page on the .us servers that forwards them to servers elsewhere. Almost no one goes to web sites by name anyway. Forward it for now. Eventually your users will bookmark or remember the new site.
In reality, you can't not get sued if you put yourself out there. Anyone can sue you for anything. It doesnt' mean they can win, but they can still get the ball rolling. And it doesn't cost that much to sue, so they don't have to have expensive lawyers. And even if you countersued for damages, that doesn't mean they will have the ability to pay.
Ninjas don't carry tic tacs
Establish a side-line where you manufacture credible 'DMOA' legalistic take-down threats to -all- users of a hosting service (for you know every "thief doth fear each bush an officer") and, of course, copy the host's office themselves. Hide ye in the vast underbrush of your own making; because, really that's all the DMCA is, is a bully for hire.
The letter of the DMCA law works hard to make sure people who do not react properly to the issuance of a DMCA face rather brutal punishment. This is partly because of the history of infringement on the internet, that major companies like godaddy simply couldnt be reached while other emerging companies barely had offices and just ran local mom-and-pop shops. record labels crafted the DMCA, the incisors of their efforts based on the industries lack of a standard to handle legitimate problems in a timely manner.
the other reason the punishment is pretty brutal, is because record label recording industry protection rackets and even record labels themselves had been brutalized for almost a decade by declining sales in favour of a far more reasonable distribution method: the internet. Locking down everything from unsigned independent artists with DMCA takedowns as well as fair-use snippets meant the industry could keep its fat foot wedged in the door music and talent with relatively little blowback (its their law after all..) the DMCA, one could argue, is also part of the reason the Youtube music awards were basically an advertisement campaign on behalf of the largest record labels in hollywood as it can be used by, and only by, the industry to take out mafia style hits on published independent content through the much maligned 'frivolous DMCA takedown.' Sure, other groups like the church of scientology have tried this in the past, but only the record industry has emerged without punitive retalliation from online services.
What I think i can do is offer a hosting solution that has decent tech support for when these takedowns happen. Try Dreamhost.com, who actively oppose most draconian legislation against the internet like SOPA and PIPA. Vote with your dollars.
full disclosure: i used to work for Dreamhost.
Good people go to bed earlier.
I can't say anything about the rest of your post, but being the 'owner' of your domain, you ARE the target of a DMCA takedown, not the hosting provider since you control the content on your site ultimately. They'll hit the provider first, but eventually get to you, as the lawful owner of the domain, DMCA is about you, not them. If the provider sends along your personal contact information as is probably required for a subpoena (maybe a take-down, but I doubt it) then that's what they'll do.
Bye!
No, real lawyers are not THAT stupid as to sign a document that purgers their testimony; that's how you get disbarred and judges can be VERY VERY pointed in their enforcement.
Any twit that would assert they have copyright on "John Smith", if taken to court, deserves to and WILL loose everything. Do us all a favor and GUT THIS SUCKER IN COURT. Then go have a nice relaxing vacation on the idiot's life savings.
For this (as well as their other policies) I'd recommend NearlyFreeSpeech.net - they have a DMCA policy page which clearly lays out the requirements that must be met to anybody intending to make a takedown claim. They're run as a pay-what-you-use host for people who have at least a small amount of knowledge of what they're doing (no cPanel interfaces here!) and from their blog and general demeanour it's clear that they are a company run by nerds who Do Things Properly.
I have no doubt that they'd follow the law if issued with a full and proper DMCA notice, but I also have no doubt that they would not give the benefit of the doubt to, or go out of their way to assist somebody filing incomplete or incorrect takedown notices.
(Full disclosure: While I've hosted my small website with NFSN for a number of years I've never received a DMCA takedown notice and I have no material which is at all likely to generate any.)
Security through promiscuity is no better than security through obscurity.
Read this. Yes,the take down notice is under penalty of perjury..
Filing a DMCA Notice to Remove Copyrighted Content-for Copyright Holders
If you believe that your work has been copied in a way that constitutes copyright infringement, please provide us with a written notice containing the following information:
1. Your name, address, telephone number, and email address (if any).
2. A description of the copyrighted work that you claim has been infringed.
3. A description of where on the Vimeo Site the material that you claim is infringing may be found, sufficient for VIMEO to locate the material (e.g., the URL).
4. A statement that you have a good faith belief that the use of the copyrighted work is not authorized by the copyright owner, its agent, or the law.
5. A statement by you UNDER PENALTY OF PERJURY that the information in your notice is accurate and that you are the copyright owner or authorized to act on the copyright owner's behalf.
6. Your electronic or physical signature.
(emphasis mine)
The WTO (World Trade Organization) gave them an exemption from complying with US copyright laws, due to a 10+ year dispute over online gambling:
http://www.wto.org/english/tra...
Build it, and they will come^Hplain.
I have used nearlyfreespeech for a number of years (5+) and have always been happy with them. None of my sites are remotely controversial, but I initially went with them because of their pro-free speech stance and have stuck with them because they have been a good host. Here's their DMCA FAQ:
http://faq.nearlyfreespeech.net/section/nonmember/dmcaresponse
Now, their pricing structure may or may not work well for you depending on the type of sites you're hosting, but if you want a US based host who will do the right thing by you I think you should check them out.
Pretty sure these people haven't spent much time in the courts....
I was sued for defamation by a company over content that someone else published on their site. I was included in the lawsuit because I provided the owner/operator/content-creator/everything of the other site a web analytics tool I created (before the days of free Google Analytics). This was enough to confuse the courts and put me in the position where best case scenario, I spend $40K+ and I "win" and worst case scenario, I spend $40K and lose the case and face a ridiculous judgment.
Unless you are an unemployed lawyer with no assets and plenty of free time, the legal system is a big pile of lose-lose.
Evolution: love it or leave it
I used to run the abuse desk at a web hosting company before I moved on to automation control. Our company developed a procedure -- and published it -- to handle takedown notices. First, the notice has to be sent to the contact on record with the copyright office, that's part of the law. That meant it came directly to my desk. Further, the person submitting the notice had to provide some proof of copyright. Finally, the notice author has to demonstrate that the infringement didn't fall under fair use, or some of the other exceptions.
I then investigated the claim, and if I felt there was reasonable cause for the claim I would take down the site and notify the allegedly infringing customer of the notice and our analysis. The customer could then deal with the copyright owner and then the two parties would let us know how it's resolved. Or the customer could remove the infringing material (they still had access to the data even when the site was shut off), let me know, then if I was satisfied that the infringement was removed I'd turn the site back on, and let the complaining party know what had been done.
There was the case of a person whose site sold knock-off watches. The original manufacturer took exception to the pictures on the site, claiming trademark infringement (which was pretty obvious). The customer took the pictures off. Case solved.
Then there was the customer who posted MP3s of music. That was a no-brainer. We terminated him for violation of the acceptable use policy.
There were some trolls, too. One customer had material under copyright, but the customer's use of the material fell under fair use. The troll could not demonstrate how the infringement went beyond fair use. He threatened to sue. Our lawyers took that threat and ran with it -- replied with a threat to counter-sue.
So different companies have DMCA policies and procedures. It helps to look what they have in place.
Uzi Nissan, of Nissan computer fame has been paying the price for years for daring to be born with a name that was later copyrighted.
For the record, they use a hosting provider called SourceDNS, or so the internets claim... (though I cannot find such a provider). If Nissan.com computer is still up, your theotherjohnsmith.totallynotmelgibson.disneyisthenameofadifferentcompany.biz.info is totally safe
Most seem to over-react and require an official counter-response
That's because the law requires them to do this. They must either take down the content, or you must provide an official counter-response. There is no 3rd-option of saying "This request is bogus, ignore it" even if it actually is bogus.
Run your websites from your own machines. Don't depend on others.
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
I thought that perjury was a criminal offense, not a civil one, meaning that one cannot "take them to court" -- you can only report it to the FBI and see if the US Attorney will choose to prosecute. Am I missing something here?
Better make sure your DNS service provider, and domain registrar are similar in "safe" places then...
Login, Inc. (http://www.login.com) in Tucson AZ has a carrier-neutral datacenter.
Their DMCA policy linked from page above is at http://www.login.com/dmca.php.
Looks like they actually make sure people submit valid requests, and then
instead of taking things down, they forward it to the admin of the site.
That's pretty awesome, I think.
MP
It reads:
[stuff removed]
Login complies with 17 USC 107. If your request is in violation of that law, it is a FALSE DMCA COMPLAINT. You are responsible for ensuring your request is not in violation of that law. Requests which are FALSE DMCA COMPLAINTS as per 17 USC 107 or 17 USC 512 will be billed to YOU at $350/hr. Your sending us a DMCA complaint constitutes your acceptance of the law of the land, as well as our willingness to pursue it... but if we have to waste our time explaining to you why your complaint is invalid you agree to pay us for our time.
Upon receipt of a valid DMCA takedown request, Login will forward that on to the system administrator(s) or owner(s) of the system allegedly containing the content violating the copyright. Login does not own these systems. Login complies with all of the laws of the land including 18 USC 2702. Login will not volunteer private information absent a valid court order.
Though at a higher cost and depending on your location, you may able to get sufficient coercivity to simply facilitate your own hosting.
Setting up your own Linux-based web server is quite easy for the technically inclined.
Then you are free to respond to bullshit DMCA requests with, "are you prepared to commit perjury by filling a false and dubious DMCA claim?"
The DMCA is not related in any way to trademark resolution processes.
Host the sites yourself. CPUs and bandwidth has never been cheaper.
I have been using a company called EDIS.
They ignore DMCA. edit(dot)at should help you out.
I work at a Swiss hosting company - few corporate entities from the US go as far as getting a court-order from a Swiss judge (which we require before we do anything).
We get tons of bogus "Hi, I work for
We all tell them to come back when they've got a court-order signed by a Swiss judge. Registered mail.
But of course, unless you also live in Switzerland, the lawyers will eventually just target you directly.
It helps to filter out all the "noise", though - I admit.
Additionally, you've got to choose a hosting-provider that has no US ties - else they just go via the US HQ and then you're back at square one...
Windows 2000 - from the guys who brought us edlin
I have found dreamhost.com to be particularly level-headed when dealing with DMCA-based bullshit. And yes, my opinion is based on a series of experiences with DMCA-trolls.
It's one thing to fight for what is legitimately your copyrighted content. But quite another when you're hosting other people's copyrighted material, to whom your customer may not have a distribution agreement with.
It's harder in cases where your customer's work contains a portion of someone else's work, and your customer and the copyright owner disagree on whether this use is a fair use.
It's getting to the point that in some circumstances, avoiding selling anything to USA customers saves tonnes of money and time with expensive lawyers... at the cost of 330 Million potential customers... but hey... there's over a 1 billion other internet users out there and growing.
Among sufficiently affluent English-speaking countries, the United States has a supermajority of potential customers. Into how many languages will you need to translate your product or service to reach the next 330 million potential customers?
Find yourself a good Seedbox out of the country.
We should learn what we need to know about issues, before we decide what we need to feel about them.
Fist yourself.
...Clinton demonstrated that the only way for moderate Republican to be elected to the Whitehouse is as a Democrat.
I used to work for GKG.NET and I wrote the DMCA policy that they use (I doubt it has changed in the last year). When we received a DMCA notice, it had to contain all sections of the notice in full.
In order to have an allegedly infringing web site removed from a service provider's network, or to have access to an allegedly infringing website disabled, the copyright owner must provide notice to the service provider with the following information:
The name, address, and electronic signature of the complaining party [512(c)(3)(A)(i)]
The infringing materials and their Internet location [512(c)(3)(A)(ii-iii)], or if the service provider is an "information location tool" such as a search engine, the reference or link to the infringing materials [512(d)(3)].
Sufficient information to identify the copyrighted works [512(c)(3)(A)(iv)].
A statement by the owner that it has a good faith belief that there is no legal basis for the use of the materials complained of [512(c)(3)(A)(v)].
A statement of the accuracy of the notice and, under penalty of perjury, that the complaining party is authorized to act on the behalf of the owner [512(c)(3)(A)(vi)].
We would get notices that requested that we remove a website (or it's content) and one of the above was missing. So we wouldn't act, instead we replied back to the complainant, and inform them that they must adhere to the law and submit the full information. We'd also not tell them specifically what they were missing (it's their job to do their homework, not ours)...
Then we would contact the owner of the site (domain or website) and let them know that we had received an incomplete DMCA takedown notice. That would give them time to correct the issue before the complainant came back with corrections.
I hate the way the law is written, it does not protect the ISP/Registrar/Hosting provider and a while filing a fake notice is not allowed, it happens all the time and no one enforces that.
This is a reasonable question from a person who doesn't know much about how the DMCA is written. Here are a couple of issues to keep in mind:
i) What does it even mean to "handle these complaints in a reasonable manner, and filter out the ones that are obviously bogus"? What is "reasonable"? Where do you draw the line at identifying "obviously bogus"? A person's name could certainly qualify as IP protected under the DMCA, although the fact pattern would have to fit a narrow set of conditions, it's far from impossible. It's not the role of an ISP to make such calls, nor would we want one to, IMO. I'm not saying that it's impossible to identify content that could not possibly be within the DMCA -- I'm saying that it's not up to an ISP to determine on which side of the fuzzy line borderline cases should fall. And that's why the burden of identifying a nonfrivolous and nonabusive takedown should not fall on the carrier.
ii) The DMCA has a well-defined protocol for asserting, responding to, and overcoming a takedown request. If the alleged IP owner follows the procedure, the ISP must take down the alleged infringing content, or become liable as a contributory infringer. The DMCA also requires the ISP to notify the poster of that content. If the poster responds with a plausible explanation (again, conforming with the formal requirements of the DMCA) of why the content is not infringing, the ISP must then put the content back online and allow the two parties to pursue further legal interaction.
iii) Bottom line is that, surrendering to an ISP responsibility for determining if content is truly infringing opens an enormous can of worms, shifts burdens to the wrong party, and places the ISP in an unworkable position. If a party alleges a cause of action against a 2d party, in our legal system, it's generally the 2d party's responsibility to defend itself. That means, of course, that you could be nibbled to death by ducks if some content holder decides to abuse the DMCA by repeatedly asserting frivolous claims under the DMCA. But that's true of almost any law (think about patent trolls).
Having said all that, if you can find an ISP that generally ignores all but the most obvious DMCA takedowns, god bless ya. It's a pretty stupid fucking ISP, IMO, that ignores the safe harbor written into the DMCA expressly for its benefit by potentially siding with true infringers. But the result is still in your favor.
simple as that ... because why the heck should anyone in country X care about a DMCA request?