I think that the difference is that the RIAA can't look at your GMail account, so they can't know that you have that MP3. Therefore, they will not file a takedown notice.
BUT... (there's always a but =P ), what happens if you upload a video to YouTube, and you save it also in your gmail.
If someone files a takedown notice on that video, should google also delete from your email ? should they also delete it from every other gmail account that holds a copy of that video? Oh man, this is getting complicated...
Files in your gmail are not public. Likewise, files in your Dropbox are not necessarily public. I don't see the problem with removing public links in response to a DMCA takedown, while still allowing private access for those people who uploaded it.
The difference is Goole's relationship with the music industry - this has nothing to do with laws and everything to do with Google's ability to set the agenda.
Even if Megaupload took down files based on hash, there are ways for pirates to work around it. The MKV and AVI video container formats, for example, have loads of places where you could stick a nonce so that the exact same video would produce arbitrarily many hash values.
Or they could simply wrap it in a zip/rar file, with a public (but different) password. Or code it as a video format that the hosting site doesn't know. Old tricks that are basically impossible to block. There are so many ways to recode information that make it difficult to auto-match.
So Locality-sensitive hashing has basically the opposite goal of a cryptographic hash function, where a single bit change in the input should result in a significant change in the output?
What if there's a legitimate, private file uploaded to Megaupload's hypothetical successor, but someone uploads a highly-similar file publicly that gets a takedown notice?
The problem with forcing digital locker sites to remove content by hash rather than by URL is that it's impossible for them to know whether some of the URLs that point to a given hash are legitimate (e.g. a FLAC file being transferred by a musician to their CD pressing company and a select set of friends, but someone leaks the FLAC files and they get re-uploaded and deduped). This problem would be exacerbated by using a fuzzy or locality-sensitive hash rather than a cryptographic hash.
"simply removing a single link to the content while duplicate links were left in place"
I don't know how MegaUpload works. Does that statement mean that a single user uploaded a file and there were multiple links to that file or does it mean that multiple users uploaded bit-for-bit identical files which each had links? The way it's phrased it sounds like the former, in which case it's obviously wrong.
Megaupload took DMCA requests in the form of URLs (21), URLs allow access to a certain MD5 sum indexed file on their CDN (22), they would disable specific URLs to comply with DMCA requests while leaving others active rather than removing the file from their CDN (23) however if the material was child pornography/terrorism they had the ability to actually delete files and all their links (24)
The way I view copyright law (IANAL), this is the correct approach. Each upload of an item to Megaupload is an independent assertion by the uploader that they have a license to put the work in question on the site. _Content_ itself is not prima facie infringing; instead, it is the unlicensed _use_ of the content that is infringement. This was essentially Youtube's argument when Viacom uploaded "roughed up" content to their site [1]. In that case, the roughed up copy as originally uploaded would be a licensed copy, but any copies that other users uploaded, even with the same MD5 hash, would be unlicensed.
On the other hand, child pornography can never be "non-infringing." It is always illegal to knowingly store obscene content, regardless of who stores it. Thus, one link to a child-pornographic file is as culpable as the next, justifying mass removal. This is essentially the argument made by Katherine Oyama of Google at one of the SOPA hearings [2].
I see music as an interesting situation. It is legal to rip music (Google/Amazon both have cloud services) and multiple users could easily rip and upload identical files. However it wouldn't be legal to share that ripped file. In that case you'd want the infringing file to still exist but only be accessible to the user(s) who uploaded it.
Property rights in the digital age sure is complicated. :(
The first one, but with different links. If you uploaded something that is 100% equal to a file that was already on Megaupload servers it would take just a couple of seconds, Heck! If you were premium there was even an option to copy a file to your Megaupload account (with a different link).
> The complaint says that when notified under DMCA of an infringing file, present at a link, say megaupload.com/dark-knight-video-rip.iso that MegaUpload WOULD in fact remove the link, but that they would NOT remove the file, or remove links at say, megaupload.com/dk-knight-dvd-rip_O_o.iso, even if no DMCA takedown notice occurred for that particular link.
it would be great to know if its possible they had an insider. how otherwise would they know that other links linked to the same content were linking to exact the same file that DMCA note was sent to take down. Otherwise it was unfair and thats the purpose why safe harbour exist -- it protects you a small company from millions of users uploading their content and being shorthand or not having boots to check each and single file whether it violates someones copyrights or not.
> Consider this totally legal (for me) scenario: I rip the Dark Knight DVD, and place it in Dropbox as a legal backup of my content. I share the link with nobody; it's just mine, all mine.
I am not sure if this is entirely legal.
First you say you didnt make a copy, but "rip". Its called ripping because DVDs content is locked with an encrypted key, so locked DVD with a movie is not just a folder with files you can copy over to your desktop. Years ago there was a movie when they forgot to lock the key and based off of it software developers were able to build a key decryptor for any encrypted DVD. Most DVD ripping software is illegal throughout the world, at least some software vendors got lawsuit over their software functionality.
Further, while I dont have a link handy, but I recall there was a discussion on HN that 9th circuit make it illegal for anyone to stream any copyrighted content, whether to themselves or a group of people. So uploading it into cloud and then getting it back out of it technically is illegal, AFAIK, but that was month ago when I saw this posting.
>> Consider this totally legal (for me) scenario: I rip the Dark Knight DVD, and place it in Dropbox as a legal backup of my content. I share the link with nobody; it's just mine, all mine.
>I am not sure if this is entirely legal.
He didn't choose a good example, because that would probably be a copyright violation. A better example would be: I'm a small independent software vendor. I sell copies of my software (which I own the copyright to 100%) and distribute them via private MegaUpload links. Someone else decides to upload a copy and distribute the link freely, so I file a takedown notice. Should my original copy also be deleted?
Hmm, MGM claimed that ripping a CD was legal to the SCOTUS, and I am certainly allowed to circumvent CSS on DVDs for non-infringing purposes, but I think my argument holds just fine if you substitute an ISO of Snow Leopard, a DVD I finally found in my basement recently.
I find the claim that I can't remotely backup the ISO over the internet surprising -- I have never even heard of such a stance.
2. Permitted License Uses and Restrictions.
A. This License allows you to install and use one copy of the Apple Software on a single Apple-labeled computer at a time. This License does not allow the Apple Software to exist on more than one computer at a time,and you may not make the Apple Software available over a network where it could be used by multiple computers at the same time. You may make one copy of the Apple Software (excluding the Boot ROM code) in machine-readable form for backup purposes only; provided that the backup copy must include all copyright or other proprietary notices contained on the original.
This is my point, exactly. A backup to a private DropBox folder of the iso is clearly fine even by Apple's own terms, regardless of what the law says.
However, a backup to a public Dropbox folder with a known, distributed link is.
So far so good. The question is, does DMCA require both to be taken down for a given notice, because they hash to the same file in the Dropbox database?
Copy #1: the installed version of the OS (permitted)
Copy #2 (backup): The .iso file in your local dropbox folder (permitted if on the same computer as #1)
Copy #3: The .iso file on dropbox's primary storage array (not permitted - second backup copy)
Copy #4: The .iso file on dropbox's high availability storage array (not permitted - third backup copy)
Copy #5: The .iso file as copied to any other of your subscribed dropbox clients (not permitted - forth backup copy)
Not to mention the fact that copies #3 and #4 seem to obviously qualify as "available over a network where it could be used by multiple computers at the same time"
While I understand that there may be some difference in interpretation about these clauses I think you should reconsider your working definition of the term "clearly".
> "available over a network where it could be used by multiple computers at the same time"
To me, they're clearly describing a network boot setup. i.e. you only have one installed copy of the OS, and you have a bunch of (possibly diskless) client machines boot from that single copy via netboot or similar.
To me, they're clearly describing a network boot setup.
Both "to me" and "clearly" will get you into serious trouble when dealing with legal matters. The likely outcome is that, if Apple decided to file a civil suit, or a prosecutor found grounds for criminal copyright infringement prosecution, the prosecuting attorneys would use whatever interpretation is in their favor.
"Used" is a word with a very broad definition. It doesn't just mean "run as primary operating system," it could also mean "capable of reading any of the bits of," or "looked at metadata of." The interpretation of "at the same time" is also rather flexible.
I'm not saying Apple will hunt you down and sue you (to paraphrase Jon Stewart). I'm saying, unless you're a lawyer, and you have another lawyer representing you, it's best for us non-lawyers not to think we understand legalese.
That is a licence agreement, not the law. (I realize they uses OS-X for the example, but it was a bad example because the Apple license confuses things)
Apple could licence you to only use their operating system while wearing white robes and chanting to Steve Jobs, and if you agreed to the license that would have rights against you.
This is not a question of license, which a user may or may not have agreed to participate in. By simply purchasing media I obtain all fair use rights -- I can make a backup of it without ever engaging in a license agreement.
Oh, this is convoluted. Does "Apple Software existing on a computer" encompass both a computer on which it has been installed and a computer holding the iso? Is a copy of the iso on your hard-drive considered a machine-readable backup?
The current DMCA exceptions granted by the Copyright Office[1] do allow you to circumvent CSS, but only for very specific educational or such use. Making a personal backup copy does not fit the criteria and thus is illegal, even though that is is normally allowed under just copyright.
There are other reasons to be careful and get legal advice if you have any reason to worry. They have said that they cannot exempt you from the "trafficking" provisions that cover the tools to circumvent things.
So it's pretty easy to hit a Catch-22 where you're "allowed" to do the act itself, but it's difficult or impossible to legally acquire the tools needed.
From the Jargon File: "Rip: 1. To extract the digital representation of a piece of music from an audio CD. Software that does this is often called a “CD ripper”." (http://catb.org/~esr/jargon/html/R/rip.html)
Just remove all the links to the file contained in public (shared) folders.
If the file is in a private folder, maybe it's a private backup, so you should not delete it. You may even display an alert to the user when he logs in, asking to confirm if they hold rights over that file (yes/no). If they click on No, you delete that link too. If they click yes, well... you are not a cop, so you are not obliged to investigate if the user is telling the truth. Anyway, being in a private folder, the copyright owner will never know the file is there. And you can still mark that file (or hash) for never being able to be set as public again in the future.
we called it ripping when it was just audio cds with no drm whatsoever, if im not mistaken.
the dmca makes it illegal for you to distribute drm-circumvention tools with some exceptions, but it does not make it illegal for an individual to make a personal copy of anything.
as for the hashing stuff, dropbox etc, that could be considered simply a form of optimization on their part. if its about removing infringing links from their site, and they do, then they have complied. why should they be under some legal obligation to remove links not identified in the takedown notice simply because they used a clever deduplication mechanism, when another site without such a mechanism would not be?
Lets make it even clearer... what if it is my original work, up on dropbox, and i find someone distributing it illegally on another link at dropbox, and serve dropbox with a takedown notice. It would be absolutely wrong to remove my content from my account.....
at some point were going to haveto distinguish between posession of data and distribution of data or this will just get ugly.
if you want to make 800 copies of Windows and never use them or distribute them, there is no public or private harm done, though it would violate current copywright laws. time to have the law catch up with the future.
Technologist love to think through the technical implications of something, and assume these implications will be carried through legally.
The law doesn't work like that. Provided Dropbox adheres to both the letter and the spirit of the DMCA - or works with complainants to develop an arrangement both are hppy with the technical details DO NOT MATTER.
If it only was so simple... no matter what, it costs companies such as Dropbox a lot a lot of extra effort to appease all possible companies that can file complaints. That could cause them to go out of business, to have to charge more money, and/or be really restrictive to what files and users they allow.
A net loss for all users of the internet, especially law-abiding ones.
It does. The technical implementation can have a lot of effect on the chilling effect of a law.
Let's take the extremes. If the technical implementation is "we'll send a drone to fire a missile at your building", people will be much more scared to take any risk at all of hosting user-generated content than if the implementation is "you'll get a warning and a $5 fine".
Everything considered, "We'll arrest you and everyone that works for your company and nuke your DNS entry" is pretty chilling. If they only punished bank misconduct that hard...
I don't see this happening - each file on Dropbox must have an ACL of sorts, otherwise I could access any private file simply by knowing its URL. A takedown of a public file could therefore only apply to specific users by modifying the ACL.
The MPAA has a clear opinion about uploading your ripped content, even to someone who doesn't give it to somebody else. The MPAA would still say both copies of The Dark Knight are illegal. (Note that this is not exactly what assistantpilot said; I tweaked it on purpose since I can be more definitive, and it's relevant to the original link. You are also free to disagree with their assessment. I do, but I wouldn't care to argue it in court.)
However, the poor choice of example doesn't negate the underlying point. Bits don't have color [1], and in general just because Alice shouldn't have a file in her cloud file store doesn't mean that there is nobody who does have the right to put the exact same file in the cloud store. There's no way to tell.
In some ways that's the worst part of SOPA from a philosophical point of view.... what the law essentially demands isn't even possible. It is not possible for Google to look at a file and tell if it is legal or not. They can make some guesses, but on Internet scale they can't know, yet the law requires them to know, then act, or face the consequences. This is not possible, neither in theory nor in practice. Laws that require the impossible are just obscured tyranny.
That article is about a guy who shared legally ripped music over the Internet. Big difference. I don't think this is as legally fuzzy a topic as you make it sound.
a similar article made me think if I ever owe any digital audio whether from my own CDs or from internet, I would have stored it on encrypted drive, preferably encrypted with more than one encrypting algorithm, and either download from work/starbucks etc, or at least owe wireless router so if they go after me, I could claim someone was using my wireless router without my knowledge. I could just hope case against me wouldnt be that strong that they would weight between me giving out a key to my hard drive and lets say 15 hard years in jail.
EDIT: and then in court I would say I forgot the password because I havent been using this drive for a while now.
I've thought through similar scenarios multiple times, and then when I am about to post any of them online, I realize my post would probably be read by any competent investigator and it would be turned into an additional premeditation-based charge.
It definitely sucks having to consider how my comments will be construed in the future and what rights may be retroactively taken away due to intense lobbying and legislative ignorance.
