Seems like the MPAA have given popcorntime some free marketing.
Reading the DMCA notice though, does it really apply to a repo of code?
Their argument is that it can access infringed content (but so could a web browser, or network media player, etc) and that MGM vs Grokster means that "the distribution of a product can itself give rise to liability where evidence shows that the distributor intended and encouraged the product to be used to infringe". But if Github can be considered the distributor of the product (rather than just the hosting company for source code) then I'm not sure Github have ever intended or encouraged use of the product to infringe, or indeed whether Github have any interest in the use of code hosted in repositories by them.
Do Github just roll over on DMCA requests? Or will they challenge ones like this where an entity is requesting a takedown even though the code itself contains no infringed content and Github have not encouraged use of the code to infringe?
Github is legally required to do so, if they don't they're legally on the hook. The whole point of DMCA Title 2 (the Online Copyright Infringement Liability Limitation Act) aka DMCA 512 is to create safe harbour for service providers (protect them from liability), but to claim safe harbor requires:
1. not financially benefiting from infringing activities
2. not be aware of obviously infringing activities before being noticed
3. act expeditiously to remove the purported infringing material upon receiving a notice
Point 3 has two clauses: purported infringing material means the service provider must not make any attempt at judging whether the infringement is real, if he does that he becomes liable because he's injected his own judgement in a case previously between the copyright owner and the purported infringer.
The first clause has not been tested in courts (for precision), it's generally assumed to mean "under 24h" or at least "as soon as feasible" (e.g. ops may not be available over week-end). The service provider is not supposed to contact anybody before taking material down although he is free to notify the purported infringer before or while taking the content down (as long as takedown remains "expeditious").
Github can challenge a DMCA request, but in that case they lose their safe harbor provision and are on the hook if the DMCA was valid.
"DMCA notice is obviously invalid (e.g. misrepresentation cases)"
This DMCA notice is obviously invalid, as it is a claim not that the source code identified infringes copyright, but that activities performed by users of a program that is compiled from source code that can be found on github, infringes.
It's not even a remote indirect claim. There is nothing about the source code, as source code, that infringes.
Just because you can make out a possible copyright claim against someone in court does not mean you can form a valid DMCA notice about it :)
You're missing the point. Under the DMCA, the service provider doesn't get to make that judgment. If it receives a notice that complies with the bare requirements of the law, it must remove the allegedly infringing material, and the user may then challenge the notice as "obviously invalid."
Followup after actually reading the law. 17 USC 512(c)(3)(A)(iii) provides that a notice includes "Identification of the material that is claimed to be infringing or to be the subject of infringing activity..."
Popcorn Time is the subject of infringing activity, and hence this would be a valid takedown notice.
I'm the person in this discussion who is not actually a lawyer, but: it's not like "loss" of safe harbor is a landmine that blows Github's face off, right? They still have to be found contributorily liable for Popcorn Time, which would be a very difficult case to make given how Github works.
You also don't "lose" safe harbor, right? It's applied on a case-by-case basis.
I acknowledge that one very good reason to be careful about this stuff is to stay out of court, regardless of the fact that Github would inevitably avoid liability.
Right, it's a case-by-case "loss" of the right to use the safe harbor as a defense against infringement claims. But copyright infringement claims have sizable statutory penalties per act of infringement (up to $150,000), so it's a very important for a content site to maintain that safe harbor. Perhaps more importantly--the safe harbor also prevents them from being dragged into court and spending a ton of money on legal fees defending themselves.
In this case, what is being alleged is that Popcorn Time is being used for infringing activities. If Github had not responded to the DMCA notice, it could be successfully argued in court (remember, it's a jury of laymen that make this decision) that Github knew that PT was primarily used for an infringing purpose and continued to host PT despite this knowledge. This could have exposed Github to a finding of willful infringement, which carries the aforementioned $150k penalty. (Github and PT would both be defendants in such a case, but as the deeper pockets Github would be the primary target and the one required to pay up in the event of a loss.)
"You're missing the point. Under the DMCA, the service provider doesn't get to make that judgment. "
Actually, they do. Look, I'm a lawyer who, among other things, helps process DMCA requests. The service provider does not have to comply with obviously invalid DMCA requests to maintain safe harbor. In particular, things that are not properly the subject of a DMCA request are invalid requests, no matter how "well formed" they otherwise seem.
Alternatively, under 512(c)(3)(B)(ii), github could have asked them if they were the authorized owner of popcorn time, or otherwise attempted to get them to clarify.
"Popcorn Time is the subject of infringing activity, and hence this would be a valid takedown notice.
"
Err, no. Subject of infringing activity is talking about websites that host files for users, not source code to programs that, 65 steps later, may possibly be used to infringe.
As 512(c) itself says, it is "for infringement of copyright by reason of the storage at the direction of a user of material that resides on a system or network controlled or operated by or for the service provider"
IE direct hosting.
(one of the other subsections deals with linking sites, and that clearly doesn't apply either)
Please explain how github's storage of source code of popcorn time, alone, is somehow infringement of copyright (hint: there is no legal theory where it is, any more than there is a legal theory that owning the machinery to a printing press is).
It's way too remote a connection to be "the subject of infringing activity", and no court has ever held otherwise.
As for whether they get to make this decision, in order for it to be a valid DMCA notice, it has to be directed at something valid to be filing a notice for under 512(c). It isn't. It's not a valid notice, no matter how formal it looks.
Additionally, it requires
"A statement that the complaining party has a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law."
The material complained about is popcorn time. They cannot possibly validly make a statement that popcorn time is not being used as authorized by the copyright owner, it's agent, or the law, as the use is clearly authorized by the copyright owner of popcorn time.
Instead, they made a statement that operating and further evelopment of popcorn time causes a bunch of stuff that, later on, may cause something unauthorized by the copyright owner.
Here is the exact statement the MPAA made:
"occurring by virtue of the operation and further development of the GitHub projects Popcorn Time, and Time4Popcorn (the “Projects”)."
This is not a valid claim under 512(c) or 512(d), and i'd challenge you to find a case that says "operation and further development of a project" is the proper subject of a DMCA notice under 512(c).
The proper thing for the MPAA to do, if they wanted it down, was file a contributory or indirect infringement case against github.
Sorry. I removed it. It caused too many annoyances, to be honest (though i'm generally happy to chat with people from HN, it's not too hard to find me :P).
Subject of infringing activity is talking about websites that host files for users, not source code to programs that, 65 steps later, may possibly be used to infringe.
This language also refers to computer programs, such as Napster, et al., and by extension to the websites that host them.
If your employer is willing to gamble on its safe harbor exemption by making its own judgment about whether the substance of a notice is adequate, that's fine. If a copyright holder decides to pursue a matter further, your employer may be willing to accept the legal cost of defending itself in court from an invalid copyright infringement claim it shouldn't have had to fight in court. But most websites and businesses aren't in the same position, and would rather just avoid court (and the attendant costs) altogether by accepting a DMCA notice that is, on its face, valid under the law as presently written.
Instead, they made a statement that operating and further evelopment of popcorn time causes a bunch of stuff that, later on, may cause something unauthorized by the copyright owner.
Until recently, the PopCorn Time website, hosted by github, provided executable files that would provide access to infringing content on startup. It's an even worse example of contributory infringement then Napster or Kazaa were; those programs at least required the user to search for infringing material first.
The proper thing for the MPAA to do, if they wanted it down, was file a contributory or indirect infringement case against github.
They can't do this until and unless GitHub fails to properly respond to the DMCA notice. The whole point of the safe harbor is that a content hoster is protected from infringement actions so long as it responds to DMCA notices. Maybe you should work on the litigation side before you talk about the mechanics of how things work once a court gets involved?
"This language also refers to computer programs, such as Napster, et al., and by extension to the websites that host them.
"
No, it doesn't.
Napster itself was not the subject of a DMCA take down
It was the subject of a copyright lawsuit. Nobody filed DMCA notices about the hosting of Napster binaries.
Napster in fact, sought protection under 512 for other reasons.
"that is, on its face, valid under the law as presently written."
I don't know how many times i have to say this DMCA notice is not valid on it's face.
Do you think if i file a DMCA notice, and tell you to take down something because it is infringing my patent or trademark, that it is a valid DMCA notice?
Assuming not (because if yes, there is simply no hope for this discussion), what legal difference do you believe exists between that, and a DMCA notice also not targeted at something statutory to DMCA, like this one?
"They can't do this until and unless GitHub fails to properly respond to the DMCA notice. "
False. This assumes they were going to sue for direct infringement of a user hosted file. They weren't.
Wouldn't a properly formed DMCA complaint in this case be one of the few times you could commit perjury with one?
There's no way they have any good faith belief they own the copyright to (or are authorized by its holder to act in their stead about) the material explicitly named.
I'm just going to assume that their lawyer is smart enough to not have filed a DMCA notice, as such, and just send a thuggish letter instead.
Probably not. The MPAA knows how to well form a notice for this, the fact that they didn't in this case doesn't mean they won't in the future.
Expecting Google, GitHub, or anyone else to protect you when you are writing an app/service like popcorn time is dumb.
But that is a different argument than the one being made here.
The question here was whether ISP's or hosting services can ever push back. They can.
One of the bare requirements is a statement that the complainant has a good faith belief that the material itself is infringing. This letter says they have a good faith belief that the PopcornWhatevers are being used to infringe. They then back that up with citations of related cases. This request doesn't meet the bare requirements you mention, they're chancing it.
No, you need to read the actual law, 17 USC 513(c)(3)(A)(3), and the cited cases.
The statute on its face doesn't require actual facts of infringement to be included in the notice, only a good faith assertion that infringement (or use in infringing activities) is occurring. Consequently, that allegation is sufficient for purposes of the DMCA notice. Indeed, that is the holding of the cited cases, which are included with the notice to show that courts have found that a good faith belief of infringement is sufficient.
How is #1 not always true? In its early days, YouTube extensively benefitted from (then) copyright-infringing music, perhaps not directly via ads but certainly indirectly via a larger user base.
And because Netflix contains wildly different content in different regions.
My parents use Netflix and I recently got a request from them to set them up to access US Netflix. I didn't even know they were aware of the difference, but they are, and they're sick of the crap that shows up on our side of the boarder.
Not Netflix' fault, and I'm elated that they're pressing the ISP issue, but there are valid concerns about content as well.
Netflix adjusts to whatever region you're in, so getting "US Netflix" isn't going to work for your parents. You're going to need to set them up with something like www.unlocator.com which can spoof their region. Once they turn it on it will open up a lot of titles with their existing Netflix account.
I read it as they wanted a "US Netflix account" which is really no different than having a "UK" or "Canadian" Netflix account. Netflix doesn't make the distinction between where the account is, only where your IP address is located. This is in contrast to a company like Amazon where purchasing something from amazon.ca or amazon.co.uk is much different than buying from amazon.com. I'm not sure how this effects watching Prime when you're traveling, though, and if it's also IP based.
At any rate, I don't think the implication is obvious.
amz is ip biased, as is google. apple is the only content provider i've found that works traveling abroad (minus vpns/tunnels) as they associate content to account based on cc billing address (though they have terms to indicate otherwise).
Not only that, is that Netflix (insert country other than the USA here) has a much smaller cache of films and TV shows that disappear and appear seemingly at random and without notice.
Netflix fails to offer many titles with the full high bitrate DTS-MA audio track that is available via popcorntime. Even for discs (not streaming), popcorntime wins on quality.
Netflix claims they are just using the product made available to them since the content publishers issue "rental-only" discs with inferior quality product. Apparently Netflix lacks the buying power to influence the quality of product they can make available to their customers.
The DMCA doesn't say "use your judgement to decide whether you think a takedown request is valid or not". It says "you must prosecute all syntactically valid takedown requests, and if someone sends invalid ones they can be sued".
Most specifically, GitHub has no legal standing to challenge a takedown request. The uploader of the targeted content is the only one who can challenge.
There are basically zero places online hosting content from 3rd party entities which do not honor DMCA takedowns. Given the size of copyright violation penalties, ignoring them is tantamount to corporate suicide.
"There are basically zero places online hosting content from 3rd party entities which do not honor DMCA takedowns."
This is false. I was personally involved in one very large one (190k+ source code projects) where we pushed back on clearly invalid legally (but not syntactically) DMCA requests all the time, such as for trademark violations, or claims for source they didn't own, or ...
I think you missed the point of Google Code. Google Code was not intended to "win". Google Code was intended to provide an alternative the worsening monoculture of Sourceforge, because it was becoming actively harmful to open source. In that, it succeeded wildly.
Github does not appear to be a worsening monoculture (though it is, in a lot of ways, a monoculture).
Github is required to instantly remove infringing repositories when a DMCA request comes in. It is up to the repository owner to file a "Counter Notification" at which point the repository will be reinstated within 10-14 days.
> In order to maintain safe harbor, Github is only required to remove things in response to a valid DMCA notice.
Which is a dangerous bet to make, if they mis-classify a request as invalid they've lost their safe harbour and can be sued. It's easy to understand why they'd take the content down straight.
That's not entirely true. A website operator is not compelled to remove content on the receipt of a DMCA notice. If Githib fails to remove the content, they lose their 230 safe-harbor protections, meaning they could be sued for secondary liability for copyright infringement.
Github definitely has compelling incentives to remove content on receiving a DMCA notice. If they receive a notice that they think is completely bogus, they do have the option of not responding to it.
To clarify would they lose safe harbor site wide or be on the hook for this specific infringement if held up? If they choose to ignore, get challenged and lose do they lose safe harbor on all content after that?
Only to the content in the DMCA. But that can be very expensive. Do you think Github wants to fight a copyright suit on behalf of something obvious pirate software?
It's not at all obvious they'd lose. Github is not violating anybody's copyright. They're only distributing source code, presumably with the full consent of the authors.
Github doesn't need to violate copyright. Github would be sued under a contributory infringement theory (i.e., the same one that took down napster and kazaa), and could be found liable for the infringement committed by others. The point of the DMCA safe harbor is that by responding to takedown notices (and by not deliberately hosting infringing material), they are immune to infringement actions for hosting infringing material.
That's incomplete, you can also file DMCA takedown if you're the owner, an agent of the owner, or if the content is obviously illegal, as per 17§512 (c) (3) (A) (v):
> A statement that the complaining party has a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law.
(emphasis mine)
Of course the third case is a very dangerous game to play, if you're DMCA-trolling (filling false notices) you're guilty of misrepresentations which is covered by 17§512 (f):
> Any person who knowingly materially misrepresents under this section—
> (1) that material or activity is infringing, or
> (2) that material or activity was removed or disabled by mistake or misidentification,
> shall be liable for any damages, including costs and attorneys’ fees, incurred by the alleged infringer, by any copyright owner or copyright owner’s authorized licensee, or by a service provider, who is injured by such misrepresentation, as the result of the service provider relying upon such misrepresentation in removing or disabling access to the material or activity claimed to be infringing, or in replacing the removed material or ceasing to disable access to it.
The copyright to the code of Popcorntime is held by its authors so a DMCA takedown on the code can't be issued on those grounds. However, it acts as a technology circumvention device (in a circuitous way) since it provides access to media that originally was encrypted.
17§1201 a.2:
No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that—
(A) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title;
17§1201 a.3.A:
to “circumvent a technological measure” means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner; and
You're missing the relevant portion of the law. For a DMCA takedown notice for code, it doesn't matter who owns the copyright for the code. It is sufficient for purposes of the DMCA notice to allege that the code is being used for infringing purposes. 17 US 512(c)(3).
Well, you can, but that would be fraudulent. But whoever you sent the DMCA takedown notice to, it's not their concern and not their duty to check whether you're the rightful copyright holder or not.
Does this mean that someone could take down all of github by sending (fraudulent) DMCA takedown notices for every single repo (from some fake return address)?
And then it would then be incumbent on the users to fight that?
No. The main requirement for a DMCA request to be valid is that it come from a real entity. If you sent them with a fake return address they wouldn't be valid DMCA requests anymore.
That said, yes the DMCA can be abused. The check against that is the same check that exists against other kinds of fraud: it's illegal.
You can. It's just that the actual owners will probably sue you for doing so against their work if they've given permission to legally access it and you try to revoke that with a DMCA.
If it's wildly inferior than the stunted US version, it must be pretty much useless. These days, I watch shows on http://ororo.tv/, but doubt it's very legal.
I believe that's exactly what the DMCA requires that GitHub do. If GH want to continue to get the advantages (for them) of the DMCA (i.e. safe harbour protection), they need to just follow it without question.
The source code is clearly not biased towards playing copyrighted content. If this DMCA notice is respected, any bittorrent related project should also be banned.
> smooth experience (and when you've got Netflix why bother?)
I had a smooth experience, and Netflix! You've got to be joking the content on Netflix is poor popcorn time has a much better library. Just download it and have a look no wonder you claiming such things if you've never used it.
I have Netflix too and sometimes I download a movie before even checking if it's available on Netflix because there is so many titles missing when you are streaming...
I don't think it's just that it can access infringing content. I think it's that it was designed with the sole intent to watch infringing content. When you install and run it, it doesn't appear to have any non-infringing content available. Seems a lot different than saying they could just go after a generic web browser or a media player.
I look forward to their next DMCA notice to GitHub, to take down their takedown notice, since it contains copyrighted images.
I don't understand how playing an unlicensed torrent makes the source code to the software infringe on the DMCA. Shouldn't they also send pictures of the computers which are running Popcorntime to the computer manufacturers and tell them that they are infringing for enabling Popcorntime? And pictures of the running software to GNU for creating the compilers that compiled the code?
>I don't understand how playing an unlicensed torrent makes the source code to the software infringe on the DMCA.
Because when all you have is a hammer, all of your problems begin to look like nails.
The DMCA gives the MPAA a hammer to go after copyright infringement. It is significantly easier to just apply that hammer to the hosting company of the software to try to make the software go away than it is to apply that hammer to the actual copyright infringement (one application vs. thousands of applications). So they just apply the hammer to that which they can apply it.
Note that github's dmca process explicitly states that takedown requests include an oath at risk of committing criminal perjury for knowingly false statements about copyright claims. We need to get a prosecutor to start trying these cases and putting people in jail to curtail the dmca mills and over-aggressive claimants.
Presumably Popcorntime could counter file and that would then free up Github from responsibility under the safe harbor clause.
When I first learned about Tor and the way it worked I always figured there would be a Tor equivalent of Github out there. The recipe for building such a site is pretty straight forward. Add a tor:// URI to git and there ya go.
If GitHub didn't allow Popcorn Time to contest the DMCA notice, that's a pretty big black mark against GitHub. It's reasonable that Popcorntime wouldn't want to get involved in a legal dispute, but a simple "no, we own this code and all copyright to it" should be sufficient.
That end users of popcorntime can use it to violate copyright (although it's not a circumvention tool per se) isn't Github or popcorntime's problem.
that isn't how the DMCA works. unless github wants to become liable for everything anybody uploads to their site, they have to take down whatever a DMCA notice tells them to take down. Popcorntime can contest it and github can restore the files if the takedown is ruled invalid, but until then github has no options here. The DMCA is very much a "guilty until proven innocent" mechanism.
The ideal, since notice can be email, is to notify the infringer of a DMCA complaint and let them counter respond very quickly, to minimize any service interruption.
There are maximum response times, but no minimums. The entire process can be turned around from notice to "dude, you have DMCA" to "oh, hell no" inside an hour. (EDIT: Actually, this is incorrect. To do this requires various hacks, or accepting liability as the service provider.)
The secret is usually providers actually want to get rid of their DMCA-attracting clients for commercial/cost reasons, so they rarely are willing to make the process of response particularly efficient.
No, there is a minimum. The content has to remain down for at least 10 business days AFTER the counter is received by the hosting provider, to give time for the purported copyright owner to go get an injunction or other relief.
(The counter also requires disclosure of intensive amounts of personal data, which the initial notification does not, but that's probably the smallest problem with the DMCA system.)
Ah! The times when it's gotten restored immediately involved a change in hosting or pointing out defects in the original notice, or the hosting provider accepting liability because the counter seemed sufficiently strong to take a stand. I didn't remember there was an actual 10-14 day lag written into the law.
(Thankfully, I've never been the one to actually handle DMCA issues from the service provider side myself.)
Seems like a good opportunity to use [Gitlab](https://about.gitlab.com/) and a perhaps even a hosted Gitlab install? I know there are commercial hosted Gitlab providers, I can't seem to recall any though - a cursory Google search isn't returning much ATM.
My sarcasm detector is broken, so I can't tell if you're joking or not, but git is distributed by nature. It's only centralized when we insist on putting everything on a single host.
Yes, you're right of course. However seems like having a master git repository server is the best solution for using Git in teams. Especially large teams. Like, all open source project uses something like Github or Bitbucket these days. People aren't going to share patches via email to each other. In any case, you need a place to share code and it's easiest when that is a server that is owned by a single person or entity. Maybe this is where torrent tech could be useful. Magnet links need no central authority or server running to make a central copy accessible. There's just a group of machines running, no central place law enforcement could focus on. When you have thousands of machines across the world, DMCA is not practical.
I had tried out the original popcorn client (for studying the latest techniques of evil hackers bent on destroying the meager livelihood of movie studios) but was only dimly aware of the open-source efforts. Looks like I need to study this open source project for examples of similar offenses now(* ).
Not a lawyer and dont know much about US's law.
But i record there was an incident a long time ago about DVD Decrypter and Free Speech. The end was something that you can't hold the source code accountable.
I thought you cant distribute, or have a binary form of program to downloads for your users, but source code of it should be allowed.
Have I misunderstood the story or have things changed?
I was just thinking about some p2p distributed git, and then I figured we already have it:
Wouldn't it help to just publish a BitTorrent sync url somewhere and host the bare git in that that folder so that it always updates and syncs directly to the cloud?
If they want Safe Harbor protection under the DMCA they have to honor the request. If the author of repository feels the notice is unfair, they could send a Counter Notification which would obligate Github to put the repository back online (and the MPAA's next step would have to be a lawsuit).
Actually, they probably don't have to honor this DMCA request.
DMCA requests may generally only be filed for stuff you actually own. The MPAA does not own popcorn time. There is clearly no direct infringement (unlike a linking site, which would at least be a much closer case)
If you want to stop random contributory or indirect infringement, they should have actually sued in court.
They don't have to honor any DMCA requests, but they'd be waiving Safe Harbor protection and incurring greater risk of getting sued along with the author, should the MPAA decide to go that route.
17 USC 512(c)(3)(A)(iii) provides that a notice includes "Identification of the material that is claimed to be infringing or to be the subject of infringing activity..."
Popcorn Time is the subject of infringing activity, and hence this would have been a valid takedown notice.
The DMCA is the US's implementation of the 1996 treaties of the World Intellectual Property Organization (the bill's formal name in the House was actually "WIPO Copyright and Performances and Phonograms Treaties Implementation Act of 1998"). Most countries you'd want to run a startup in likely have similar laws -- 187 are members of WIPO. The worst thing a falsely filed notice can do is take down a webpage for under two weeks, until a counter-notice goes in effect, while opening the false filer up to criminal liability. The law includes penalties for such bad faith filings.
Really? I'm not aware of other countries that have a "send a letter and content must be removed and you can't be sued". What's (say) the UK's equivalant of the DMCA?
To maintain the benefits of limited liability for their users' actions, a service provider must "act expeditiously to remove or to disable access to the information concerned" upon "obtaining actual knowledge or awareness of illegal activities". The easiest way to make a service provider aware of illegal activities is to notify them with evidence, like the identity of the copyright holder, identification of the original works, and attestation that the copyright holder did not authorize the copies, which are the exact content of a DMCA notice.
So, send a letter (provide awareness of illegal activity), remove the content, and the host can't be sued. That goes for all EU member states; the deadline to implement this directive into local law was back in 2002. Five non-EU-member states implemented it as well. That's in addition to the nearly 100 signatories to the WIPO treaty.
It's true that the format and timeframes of the DMCA system are more formal than the EU directive's requirements, but no matter what part of the world you look in, almost every developed country has formalized such a system in order to limit liability of content hosts for their users' action so long as they take down material under certain conditions. Some of the EU countries did formalize notice-and-takedown procedures of their own even though it wasn't required.
Then they are the target, and will incur many costs. Fine once, maybe, but what about the tenth time? The hundredth? The thousandth?
It's like wanting Google to be the legal shield for everyone committing copyright infringement on their sites. It's not remotely economically feasible.
Not having safe harbor would mean that if anybody posted content to GitHub that did violate copyright, GitHub would be liable and would end up having to fight in court. Even if they won, they would be expending massive amounts of money and effort fighting copyright battles.
These battles wouldn't even be fought "on behalf of their users", because the entities taking them to court would also be taking the end users to court.
Without safe harbour GitHub could be sued for any copyright infringment that any of their millions (?) of users do. It would be a terrible business decision to give up safe harbour.
GitHub has very little discretionary ability when it comes to these requests, if they want to remain safe from prosecution for DMCA cases. It is up to the person receiving the DMCA to file a counter notice.
But this: https://github.com/github/dmca/blob/master/2014-07-11-MPAA.m... ... this is great marketing for popcorntime. It shows it working and giving an experience that looks very much like Netflix.
Seems like the MPAA have given popcorntime some free marketing.
Reading the DMCA notice though, does it really apply to a repo of code?
Their argument is that it can access infringed content (but so could a web browser, or network media player, etc) and that MGM vs Grokster means that "the distribution of a product can itself give rise to liability where evidence shows that the distributor intended and encouraged the product to be used to infringe". But if Github can be considered the distributor of the product (rather than just the hosting company for source code) then I'm not sure Github have ever intended or encouraged use of the product to infringe, or indeed whether Github have any interest in the use of code hosted in repositories by them.
Do Github just roll over on DMCA requests? Or will they challenge ones like this where an entity is requesting a takedown even though the code itself contains no infringed content and Github have not encouraged use of the code to infringe?