Automated 'Content Protection' System Sends Wave Of Bogus DMCA Notice Targeting Legitimate URLs
from the don't-worry,-humans.-the-bots-won't-ever-do-this-job-well. dept
Yet another content protection service decides it’s better off letting the machines do the work, with predictably catastrophic results. The EFF first noticed the DMCA abuse being committed by “Topple Track,” a content protection service offered by Symphonic Distribution. Symphonic talks big about its protection service, pointing out its position as one of the “leading members” of Google’s “Trusted Copyright Program.”
The thing about trust is that it’s hard to gain but easy to lose.
Topple Track’s recent DMCA takedown notices target so much speech it is difficult to do justice to the scope of expression it has sought to delist. A sample of recent improper notices can be found here, here, here, and here. Each notice asks Google to delist a collection of URLs. Among others, these notices improperly target:
EFF’s case page about EMI v MP3Tunes
The authorized music store on the official homepage of both Beyonce and Bruno Mars
A fundraising page on the Minneapolis Foundation’s website
The Graceland page at Paul Simon’s official website
A blog post by Professor Eric Goldman about the EMI v MP3Tunes case
A Citizen Lab report about UC Browser
A New Yorker article about nationalism and patriotic songs
Other targets include an article about the DMCA in the NYU Law Review, an NBC News articleabout anti-virus scams, a Variety article about the Drake-Pusha T feud, and the lyrics to ‘Happier’ at Ed Sheeran’s official website. It goes on and on. If you search for Topple Track’s DMCA notices at Lumen, you’ll find many more examples.
Topple Track’s failures came to the EFF’s attention because it targeted one of its URLs, supposedly for infringing on artist Luc Sky’s copyright for his song “My New Boy.” The page targeted by Topple Track discusses the EMI lawsuit against MP3Tunes — one that has been on the EFF’s site for eight years. If Luc Sky even exists (the EFF could find no info on the artist/track), the discussion of a long-running legal battle certainly didn’t contain an unauthorized copy of this track.
Presumably Topple Track has customers. (The “Luc Sky” dead end isn’t promising.) If so, they’re being ripped off by DMCA notices sent in their names that target tons of legit sites containing zero infringing content. The URLs targeted have no relation to the name/title listed as protected content and it’s impossible to see how an algorithm could do the job this badly. There’s obviously no human interaction with the DMCA process Topple Track employs, otherwise none of the DMCA notices listed would even have been sent to Google.
What did we say about trust?
Google has confirmed that it has removed Topple Track from its Trusted Copyright Removal Program membership due to a pattern of problematic notices.
Symphonic has commented on the debacle, claiming “bugs in the system” resulted in the wave of bogus takedown notices. Possibly true, but all it would have taken was a little human interaction to prevent this abuse of the process and this PR black eye.
Filed Under: automated, censorship, dmca, takedowns
Companies: symphonic distribution
Comments on “Automated 'Content Protection' System Sends Wave Of Bogus DMCA Notice Targeting Legitimate URLs”
“Google has confirmed that it has removed Topple Track from its Trusted Copyright Removal Program membership due to a pattern of problematic notices.”
Not far enough. They should also retroactively reverse any delisting that has happened as a result of claims from this company and let them have it out with their clients about the wasted time and money.
The problem with this sort of thing is that the bogus requests were spotted because they are so blindingly obvious as legal that nobody would honestly think a DMCA notice was warranted. How many less obvious or less well known pages have suffered as a result of this company’s claims.
Since the DMCA’s perjury element is clearly worthless, maybe making “we’ll reverse all the work you ever did” a penalty for repeated abuse might make some of them think twice.
“Symphonic has commented on the debacle, claiming “bugs in the system” resulted in the wave of bogus takedown notices”
…and the problem is that’s an acceptable excuse to too many people who claim this stuff is trivial, and they won’t see the hypocrisy.
Re: "They've shown they can't be trusted, and we're responding."
Retroactively re-listing things might be a hard sell in court, but noting that they’ve got a demonstrable history of filing fraudulent claims and as such any future ones are going to need some extra work before Google even looks at them, and/or no more mass-filings might squeak through.
Making it so that a company that gets busted for fraudulent claims has to file individual DMCA claims, one DMCA claim per address, with anti-bot measures put in place to block automated filing would cripple companies that use a ‘file first, ask question never’ business model, provide a very real incentive to check accuracy before sending in the claim, and would (I would think) likely stand up fairly well in court if it got that far.
Just because Google or similar companies have to accept DMCA claims doesn’t mean they have to make them easy after all.
Re: Re: "They've shown they can't be trusted, and we're responding."
I personally think the “you must file by hand each request individually, with a human signoff and human authorization/checking” as a good incentive to stop companies from abusing the system.
I’d personally make it very aggressive – Make it like a three strikes rule. If the company gets punished this way three times within a five year period, they completely lose their ability to file DMCA notices.
Now it is nearly guaranteed that every single one of those companies, when hit by this DMCA one-at-a-time action, would just use a loophole where they sell the contracts to an identical company run by the exact same board and executives, thus zeroing out their status. I haev no clue how to stop that.
Re: Re: "They've shown they can't be trusted, and we're responding."
Yes. Require a captcha to keep the bots out. Process each URL with a minimum waiting time of 5s. Only process one file at a time (globally). Route file uploads via Verizons network, so that you have an excuse why the upload is so slow.
Re: Re: Re: "They've shown they can't be trusted, and we're responding."
Route file uploads via Verizons network, so that you have an excuse why the upload is so slow.
Now that’s just twisting the knife. I love it.
Re: Re:
Except Google doesn’t just blindly de-list anything anyone submits a DMCA for.
There’s been stories on Techdirt before about nonsense DMCA’s that Google ignores (including DMCA’s on the IP holder’s own website, for infringing upon their own IP).
I think Google has implied years ago that only half of the DMCA’s they get are valid.
Was that carpet bombing to try and slip some censorship through? Overwhelm any humans doing any checking and they will make mistakes because they are under pressure to deal with the notice in a reasonable time, and give them some obvious mistakes, they will likely miss more subtle one.
DMCA Takedown Bots Are Already Programmed to Hate Us
This goes to show that it’s not “Skynet” but automated DMCA takedown bots that will evolve to enact “Judgment Day” upon us mere humans.
Google should de-list all those URLs and then let Topple Track pick up the legal bills when the owners sue.
Re: Re:
Bad idea for two reasons:
1) That would be punishing innocent people just to provide a possible way to punish Topple Track.
2) Even if they had the ability to sue, the odds of those impacted getting anything beyond ‘Whoops, our bad’ in court are so low as to be negligible, such that they would have had to deal with their sites being delisted with no real recompense possible.
No harm(to us), no foul, right?
Symphonic has commented on the debacle, claiming "bugs in the system" resulted in the wave of bogus takedown notices.
Which I’m sure would be of great relief to anyone who had their perfectly legal content threatened by those ‘bugs’, and where the only thing that kept them from being impacted was the blatantly bogus nature of the claims your system made.
As it stands there is a very real incentive to be able to send out as many DMCA claims as possible, in this case a financial incentive at that as it makes companies like them look ‘better’ and ‘more productive’ to prospective clients. On the other hand there is no real incentive for accurate claims, and if anything there is a negative incentive, as checking for accuracy stands to decrease how many claims they can make, reducing the all important ‘DMCA claims issued’ number, and with no penalty for fraudulent claims there’s no incentive to try to avoid them.
So long as there remains zero penalty for bogus DMCA claims stuff like this is disgusting, it highlights perfectly how one-sided and flawed the system is, but it is not in any way surprising.
Re: No harm(to us), no foul, right?
Much like trolls that sue for past due medical bills. Their data is shoddy, but if you don’t show up in court to fight it, then they get a default judgement, even if the debt is illegitimate.
My brother got hit with one of those for a work place related injury. His company said all bills were paid. Insurance company said all bills were paid. Hospital said all bills were paid. He showed up in court, said trolls immediately with drew their case. The 20 other people that didn’t show up got default judgements. Wonder how many of them also had fully paid bills?
Re: Re: No harm(to us), no foul, right?
He showed up in court, said trolls immediately with drew their case. The 20 other people that didn’t show up got default judgements. Wonder how many of them also had fully paid bills?
You’d think that a reaction of ‘Oh shit, the accused showed up, run away!’ would be enough to give a judge pause in questioning whether they were being used for a scam when it came to handing out default judgements for the other accused.
‘Simply showing up was enough to cause them to drop the case against that person, I wonder how many of the other cases are based upon similarly shaky/non-existent ‘evidence’…’
Re: Re: No harm(to us), no foul, right?
How does one show up for their court date when the system is rigged to not inform you of same until you have missed said date.
We tried to locate the defendant – honest we did judge.
Re: No harm(to us), no foul, right?
Do I sense a wave of ‘bugs in the internet’ that will result in repeated DMCA notices on Symphonic website, corporate board members, and system in general?
Some are more equal than others
There should be a statutory penalty for a defective DMCA notice equal to the statutory penalty for copyright infringement.
It should not matter if the DMCA notice is generated by a bot or a human. If it is defective it should have the same penalty. What was it? $150,000 per instance I believe?
These notices are supposed to be under penalty of perjury because of their super powers.
Examples of defects would be that the notice is not sent by the copyright owner or registered agent. Or it does not state an actual copyright claim including what was infringed, who owns, it, where the infringement actually exists, etc. Or the notice is sent to the wrong party, for example, to a DNS provider rather than the server hosting the infringing material. Or the notice is way overly broad, such as wanting to take down facebook.com (although that could be argued to be a good thing).
Put the shoe on the other foot.
I understand that the goose and the gander have compatible ports, or something like that, without the need of an adapter cable or dongle.
It boggles the mind that we still have people manually checking copyright infringement. To leave a matter as important as determining intellectual property infringement to meat processes is negligence of the highest order. How do you know that EFF’s case page wasn’t infringing? You used your brain? The brain can be misled easily and makes mistakes. Topple Track’s algorithm runs on perfect silicon, a pure embodyment of divine mathematics. The Computer can be the only authority on matters of IP. Trust The Computer. The Computer is your friend.
Re: Re:
What would happen if the computer (god of all creation and overlord of our lives, blessed be he, the silocon master), found infringment in his own source code?
Re: Re: Re:
My function is to probe for biological infestations, to destroy that which is not perfect.
I am Nomad.
Re: Re:
“The computer is incredibly fast, accurate, and stupid. Man is unbelievably slow, inaccurate, and brilliant. The marriage of the two is a challenge and opportunity beyond imagination.”
-Stuart G. Walesh
Re: Re:
To leave a matter as important as determining intellectual property infringement to meat processes is negligence of the highest order
So what do you call it when the automated process which you hold in such high regard messes up then, dumbfuck?
How do you know that EFF’s case page wasn’t infringing
How do you know Bruno Mars’ official page wasn’t infringing on his own music? Fuck me, you’re a tool.
Re: Re: Re:
How do you know Bruno Mars’ official page wasn’t infringing on his own music? Fuck me, you’re a tool.
It is rather funny the lengths some people will go to to defend companies like this.
Re: Re: Re: Re:
I took it as a parody rather than a defence, but it is worrying how close that might be to something one of those people might try to say.
Re: Re: Re:2 Re:
The AC I responded to almost certainly meant it to highlight how absurd the claims they were responding to, questioning whether the EFF’s page might have been infringing(and therefore a valid DMCA claim), and that one I’m fairly sure was if not honestly meant to be taken literally, simply trolling yet still intended to be taken literally as far as that works within a troll comment.
Re: Re: Re:3 Re:
I’m pretty sure Hamilton believes every buzzing thought he gets in his brain.
Said brain happens to be a plastic bag with a housefly buzzing around inside, its annoying screech whining and reverberating off his flimsy premises.
Re: Re: Re:4 Re:
Possible, but I’m pretty sure they’re just a troll rather than outright insane.
There need to be consequences...
The term for falsely accusing someone of doing something illegal isn’t “bugs in the system”. The term for falsely accusing someone of doing something illegal is “actionable libel”.
Pity that the “under penalty of perjury” nonsense in the DMCA wording is so hollow – this is a fraud perpetrated on the public and it is causing harm. If someone were to steal a $1 item from a department store, the police would be there. If someone steals something as intangible as freedom of speech, that had to be fought for, the loss is greater but the consequences are less? That seems so backwards.
There need to be consequences for this sort of thing, not just “oh well…”
Re: There need to be consequences...
Give a man a gun and he can rob a bank,
give a man a bank and he can rob the world.
Requires Humans
> but all it would have taken was a little human interaction to prevent this abuse of the process and this PR black eye
The problem with this is, humans cost money and they are trying to do it on the cheap.
Re: Requires Humans
They are trying, and succeeding, in moving the cost of human checking onto Google.
Re: Re: Requires Humans
Probably only big, rich entities like Google could afford this cost. Smaller potential competitors can’t compete with that.
So, when are they facing punishment for the abuses just like when people infringe copyrights?
Dear Symphonic Records:
Attached is a DMCA takedown request we received July 22, 2018. We feel that you should be aware that some asshole is signing your name to stupid DMCA notices.
Very truly yours,
[Google]
What will be the likely outcome?
Ouch! – you slapped my wrist … I’m telling mom.
Eliminate copyright.
Strike policy
If I were Google, I’d implement a policy in which each time a company’s content scanning bot sends in a false DMCA notice, that is one strike. After “X” number of strikes, no longer accept the automated notices for that bot. Instead, the bot’s discoveries must first be reviewed by people from the company which develops the bot. Then they can be submitted to Google.
Re: Strike policy
Sadly, I think that would be illegal.
Re: Re: Strike policy
Is it law that Google blindly accept and comply with all notices? False or not.
Re: Re: Re: Strike policy
No, but why should Google pay to carry out the checking that the sender should have done?
Re: Re: Re: Strike policy
Blindly, no. But, you can guarantee that risky lawsuits will be incoming if Google start doing things that can be interpreted as deliberate sabotage of the process (and that absolutely would be spun that way).
Re: Re: Re:2 Strike policy
What about turning the DMCA against them? Title II, Section 512(g)(1)
Under the notice and takedown procedure, a copyright
owner submits a notification under penalty of perjury, including a list of specified elements, to the service provider’s designated agent. Failure to comply substantially with the statutory requirements means that the notification will not be considered in determining the requisite level of knowledge by the service provider. If upon receiving a proper notification, the service provider promptly removes or blocks access to the
material identified in the notification, the provider is exempt from monetary liability. In addition, the provider is protected from any liability to any person for claims based on its having taken down the material
“Upon receiving proper notification” Proper notification under penalty of perjury. Perjury under federal law is a felony that gets you a prison sentence of up to five years. Why are these people not in prison for the many blatantly false takedown notices?
Re: Re: Re:3 Strike policy
It would be very nice if that was enforced, yes.
Sadly, getting that done effectively is far less likely than Google being attacked even more regularly and harshly than they already are.
Is a false DMCA considered to be libel or defamation?
How about delisting the company?
After # strikes, delist the company sending them so no more customers can find them to hire them.
A website could add a little diity to their Terms of Service that says “by filing a false DMCA notice agaist this site, the filer agrees to pay the sum of $10,000 plus interest at the rate of 10% per month… per claim” Isn’t violating TOS a crime under the CFAA?
For all the notices..
What would happen if all the NEWSPAPERS, MOVIE,MUSIC, Politics, and all the other groups..
Sent out DMCA, and take downs..
AND WE TOOK IT ALL DOWN..
would there be an internet??
Content protection – lol
Fees for bogus notices now.
As they like to stack hundreds of URLS in each notice each failure should have a cost…
As always if the cost for screwing up is less than doing it right, they will keep screwing up.
Re: Re:
Its case of either the issuer hiring people to check the notices, or them letting Google do the hiring. Also the issuers do not care about collateral damage, as it is Google that suffers most of the bad publicity, and the cost of dealing with complaints about bad takedowns.
When idiots program
They probably couldn’t even correctly operate a search engine that someone else wrote, like say, oh, I don’t know, Google, to get them the results they’re looking for.
DMCA'd?
DMCA'd?
It looks like Topple Track got the message. Their website is offline.
It’s time to untrust Google for its “Trusted” Copyright Removal Program. Wait a second, untrust copyright!
Copyright working as intended.