Automated 'Content Protection' System Sends Wave Of Bogus DMCA Notice Targeting Legitimate URLs

from the don't-worry,-humans.-the-bots-won't-ever-do-this-job-well. dept

Yet another content protection service decides it's better off letting the machines do the work, with predictably catastrophic results. The EFF first noticed the DMCA abuse being committed by "Topple Track," a content protection service offered by Symphonic Distribution. Symphonic talks big about its protection service, pointing out its position as one of the "leading members" of Google's "Trusted Copyright Program."

The thing about trust is that it's hard to gain but easy to lose.

Topple Track’s recent DMCA takedown notices target so much speech it is difficult to do justice to the scope of expression it has sought to delist. A sample of recent improper notices can be found here, here, here, and here. Each notice asks Google to delist a collection of URLs. Among others, these notices improperly target:

Other targets include an article about the DMCA in the NYU Law Review, an NBC News articleabout anti-virus scams, a Variety article about the Drake-Pusha T feud, and the lyrics to ‘Happier’ at Ed Sheeran’s official website. It goes on and on. If you search for Topple Track’s DMCA notices at Lumen, you’ll find many more examples.

Topple Track's failures came to the EFF's attention because it targeted one of its URLs, supposedly for infringing on artist Luc Sky's copyright for his song "My New Boy." The page targeted by Topple Track discusses the EMI lawsuit against MP3Tunes -- one that has been on the EFF's site for eight years. If Luc Sky even exists (the EFF could find no info on the artist/track), the discussion of a long-running legal battle certainly didn't contain an unauthorized copy of this track.

Presumably Topple Track has customers. (The "Luc Sky" dead end isn't promising.) If so, they're being ripped off by DMCA notices sent in their names that target tons of legit sites containing zero infringing content. The URLs targeted have no relation to the name/title listed as protected content and it's impossible to see how an algorithm could do the job this badly. There's obviously no human interaction with the DMCA process Topple Track employs, otherwise none of the DMCA notices listed would even have been sent to Google.

What did we say about trust?

Google has confirmed that it has removed Topple Track from its Trusted Copyright Removal Program membership due to a pattern of problematic notices.

Symphonic has commented on the debacle, claiming "bugs in the system" resulted in the wave of bogus takedown notices. Possibly true, but all it would have taken was a little human interaction to prevent this abuse of the process and this PR black eye.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    PaulT (profile), 16 Aug 2018 @ 3:42am

    "Google has confirmed that it has removed Topple Track from its Trusted Copyright Removal Program membership due to a pattern of problematic notices."

    Not far enough. They should also retroactively reverse any delisting that has happened as a result of claims from this company and let them have it out with their clients about the wasted time and money.

    The problem with this sort of thing is that the bogus requests were spotted because they are so blindingly obvious as legal that nobody would honestly think a DMCA notice was warranted. How many less obvious or less well known pages have suffered as a result of this company's claims.

    Since the DMCA's perjury element is clearly worthless, maybe making "we'll reverse all the work you ever did" a penalty for repeated abuse might make some of them think twice.

    "Symphonic has commented on the debacle, claiming "bugs in the system" resulted in the wave of bogus takedown notices"

    ...and the problem is that's an acceptable excuse to too many people who claim this stuff is trivial, and they won't see the hypocrisy.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 16 Aug 2018 @ 5:40am

      "They've shown they can't be trusted, and we're responding."

      Retroactively re-listing things might be a hard sell in court, but noting that they've got a demonstrable history of filing fraudulent claims and as such any future ones are going to need some extra work before Google even looks at them, and/or no more mass-filings might squeak through.

      Making it so that a company that gets busted for fraudulent claims has to file individual DMCA claims, one DMCA claim per address, with anti-bot measures put in place to block automated filing would cripple companies that use a 'file first, ask question never' business model, provide a very real incentive to check accuracy before sending in the claim, and would (I would think) likely stand up fairly well in court if it got that far.

      Just because Google or similar companies have to accept DMCA claims doesn't mean they have to make them easy after all.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Aug 2018 @ 6:56am

        Re: "They've shown they can't be trusted, and we're responding."

        I personally think the "you must file by hand each request individually, with a human signoff and human authorization/checking" as a good incentive to stop companies from abusing the system.

        I'd personally make it very aggressive - Make it like a three strikes rule. If the company gets punished this way three times within a five year period, they completely lose their ability to file DMCA notices.

        Now it is nearly guaranteed that every single one of those companies, when hit by this DMCA one-at-a-time action, would just use a loophole where they sell the contracts to an identical company run by the exact same board and executives, thus zeroing out their status. I haev no clue how to stop that.

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Aug 2018 @ 8:17am

        Re: "They've shown they can't be trusted, and we're responding."

        Yes. Require a captcha to keep the bots out. Process each URL with a minimum waiting time of 5s. Only process one file at a time (globally). Route file uploads via Verizons network, so that you have an excuse why the upload is so slow.

        reply to this | link to this | view in chronology ]

        • icon
          That One Guy (profile), 16 Aug 2018 @ 10:25am

          Re: Re: "They've shown they can't be trusted, and we're responding."

          Route file uploads via Verizons network, so that you have an excuse why the upload is so slow.

          Now that's just twisting the knife. I love it.

          reply to this | link to this | view in chronology ]

    • icon
      ShadowNinja (profile), 16 Aug 2018 @ 8:43am

      Re:

      Except Google doesn't just blindly de-list anything anyone submits a DMCA for.

      There's been stories on Techdirt before about nonsense DMCA's that Google ignores (including DMCA's on the IP holder's own website, for infringing upon their own IP).

      I think Google has implied years ago that only half of the DMCA's they get are valid.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Aug 2018 @ 3:58am

    Was that carpet bombing to try and slip some censorship through? Overwhelm any humans doing any checking and they will make mistakes because they are under pressure to deal with the notice in a reasonable time, and give them some obvious mistakes, they will likely miss more subtle one.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Aug 2018 @ 4:03am

    DMCA Takedown Bots Are Already Programmed to Hate Us

    This goes to show that it's not "Skynet" but automated DMCA takedown bots that will evolve to enact "Judgment Day" upon us mere humans.

    reply to this | link to this | view in chronology ]

  • icon
    Lord Lidl of Cheem (profile), 16 Aug 2018 @ 4:03am

    Google should de-list all those URLs and then let Topple Track pick up the legal bills when the owners sue.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 16 Aug 2018 @ 4:38am

      Re:

      Bad idea for two reasons:

      1) That would be punishing innocent people just to provide a possible way to punish Topple Track.

      2) Even if they had the ability to sue, the odds of those impacted getting anything beyond 'Whoops, our bad' in court are so low as to be negligible, such that they would have had to deal with their sites being delisted with no real recompense possible.

      reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 16 Aug 2018 @ 4:35am

    No harm(to us), no foul, right?

    Symphonic has commented on the debacle, claiming "bugs in the system" resulted in the wave of bogus takedown notices.

    Which I'm sure would be of great relief to anyone who had their perfectly legal content threatened by those 'bugs', and where the only thing that kept them from being impacted was the blatantly bogus nature of the claims your system made.

    As it stands there is a very real incentive to be able to send out as many DMCA claims as possible, in this case a financial incentive at that as it makes companies like them look 'better' and 'more productive' to prospective clients. On the other hand there is no real incentive for accurate claims, and if anything there is a negative incentive, as checking for accuracy stands to decrease how many claims they can make, reducing the all important 'DMCA claims issued' number, and with no penalty for fraudulent claims there's no incentive to try to avoid them.

    So long as there remains zero penalty for bogus DMCA claims stuff like this is disgusting, it highlights perfectly how one-sided and flawed the system is, but it is not in any way surprising.

    reply to this | link to this | view in chronology ]

    • icon
      AR Libertarian (profile), 16 Aug 2018 @ 5:20am

      Re: No harm(to us), no foul, right?

      Much like trolls that sue for past due medical bills. Their data is shoddy, but if you don't show up in court to fight it, then they get a default judgement, even if the debt is illegitimate.

      My brother got hit with one of those for a work place related injury. His company said all bills were paid. Insurance company said all bills were paid. Hospital said all bills were paid. He showed up in court, said trolls immediately with drew their case. The 20 other people that didn't show up got default judgements. Wonder how many of them also had fully paid bills?

      reply to this | link to this | view in chronology ]

      • icon
        That One Guy (profile), 16 Aug 2018 @ 5:29am

        Re: Re: No harm(to us), no foul, right?

        He showed up in court, said trolls immediately with drew their case. The 20 other people that didn't show up got default judgements. Wonder how many of them also had fully paid bills?

        You'd think that a reaction of 'Oh shit, the accused showed up, run away!' would be enough to give a judge pause in questioning whether they were being used for a scam when it came to handing out default judgements for the other accused.

        'Simply showing up was enough to cause them to drop the case against that person, I wonder how many of the other cases are based upon similarly shaky/non-existent 'evidence'...'

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Aug 2018 @ 10:23am

        Re: Re: No harm(to us), no foul, right?

        How does one show up for their court date when the system is rigged to not inform you of same until you have missed said date.

        We tried to locate the defendant - honest we did judge.

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Aug 2018 @ 3:04pm

      Re: No harm(to us), no foul, right?

      Do I sense a wave of 'bugs in the internet' that will result in repeated DMCA notices on Symphonic website, corporate board members, and system in general?

      reply to this | link to this | view in chronology ]

  • icon
    DannyB (profile), 16 Aug 2018 @ 5:47am

    Some are more equal than others

    There should be a statutory penalty for a defective DMCA notice equal to the statutory penalty for copyright infringement.

    It should not matter if the DMCA notice is generated by a bot or a human. If it is defective it should have the same penalty. What was it? $150,000 per instance I believe?

    These notices are supposed to be under penalty of perjury because of their super powers.

    Examples of defects would be that the notice is not sent by the copyright owner or registered agent. Or it does not state an actual copyright claim including what was infringed, who owns, it, where the infringement actually exists, etc. Or the notice is sent to the wrong party, for example, to a DNS provider rather than the server hosting the infringing material. Or the notice is way overly broad, such as wanting to take down facebook.com (although that could be argued to be a good thing).

    Put the shoe on the other foot.

    I understand that the goose and the gander have compatible ports, or something like that, without the need of an adapter cable or dongle.

    reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    Anonymous Coward, 16 Aug 2018 @ 6:19am

    It boggles the mind that we still have people manually checking copyright infringement. To leave a matter as important as determining intellectual property infringement to meat processes is negligence of the highest order. How do you know that EFF's case page wasn't infringing? You used your brain? The brain can be misled easily and makes mistakes. Topple Track's algorithm runs on perfect silicon, a pure embodyment of divine mathematics. The Computer can be the only authority on matters of IP. Trust The Computer. The Computer is your friend.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Aug 2018 @ 6:44am

      Re:

      What would happen if the computer (god of all creation and overlord of our lives, blessed be he, the silocon master), found infringment in his own source code?

      reply to this | link to this | view in chronology ]

    • icon
      Toom1275 (profile), 16 Aug 2018 @ 7:15am

      Re:

      "The computer is incredibly fast, accurate, and stupid. Man is unbelievably slow, inaccurate, and brilliant. The marriage of the two is a challenge and opportunity beyond imagination."
      -Stuart G. Walesh

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Aug 2018 @ 7:20pm

      Re:

      To leave a matter as important as determining intellectual property infringement to meat processes is negligence of the highest order

      So what do you call it when the automated process which you hold in such high regard messes up then, dumbfuck?

      How do you know that EFF's case page wasn't infringing

      How do you know Bruno Mars' official page wasn't infringing on his own music? Fuck me, you're a tool.

      reply to this | link to this | view in chronology ]

      • icon
        That One Guy (profile), 16 Aug 2018 @ 11:54pm

        Re: Re:

        How do you know Bruno Mars' official page wasn't infringing on his own music? Fuck me, you're a tool.

        It is rather funny the lengths some people will go to to defend companies like this.

        reply to this | link to this | view in chronology ]

        • icon
          PaulT (profile), 17 Aug 2018 @ 12:35am

          Re: Re: Re:

          I took it as a parody rather than a defence, but it is worrying how close that might be to something one of those people might try to say.

          reply to this | link to this | view in chronology ]

          • icon
            That One Guy (profile), 17 Aug 2018 @ 4:51am

            Re: Re: Re: Re:

            The AC I responded to almost certainly meant it to highlight how absurd the claims they were responding to, questioning whether the EFF's page might have been infringing(and therefore a valid DMCA claim), and that one I'm fairly sure was if not honestly meant to be taken literally, simply trolling yet still intended to be taken literally as far as that works within a troll comment.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 17 Aug 2018 @ 11:57pm

              Re: Re: Re: Re: Re:

              I'm pretty sure Hamilton believes every buzzing thought he gets in his brain.

              Said brain happens to be a plastic bag with a housefly buzzing around inside, its annoying screech whining and reverberating off his flimsy premises.

              reply to this | link to this | view in chronology ]

  • identicon
    carlb, 16 Aug 2018 @ 6:24am

    There need to be consequences...

    The term for falsely accusing someone of doing something illegal isn't "bugs in the system". The term for falsely accusing someone of doing something illegal is "actionable libel".

    Pity that the "under penalty of perjury" nonsense in the DMCA wording is so hollow - this is a fraud perpetrated on the public and it is causing harm. If someone were to steal a $1 item from a department store, the police would be there. If someone steals something as intangible as freedom of speech, that had to be fought for, the loss is greater but the consequences are less? That seems so backwards.

    There need to be consequences for this sort of thing, not just "oh well..."

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Aug 2018 @ 7:08am

      Re: There need to be consequences...

      Give a man a gun and he can rob a bank,
      give a man a bank and he can rob the world.

      reply to this | link to this | view in chronology ]

  • icon
    ArkieGuy (profile), 16 Aug 2018 @ 6:37am

    Requires Humans

    > but all it would have taken was a little human interaction to prevent this abuse of the process and this PR black eye

    The problem with this is, humans cost money and they are trying to do it on the cheap.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Aug 2018 @ 7:37am

      Re: Requires Humans

      They are trying, and succeeding, in moving the cost of human checking onto Google.

      reply to this | link to this | view in chronology ]

      • icon
        OA (profile), 16 Aug 2018 @ 8:57am

        Re: Re: Requires Humans

        They are trying, and succeeding, in moving the cost of human checking onto Google.

        Probably only big, rich entities like Google could afford this cost. Smaller potential competitors can't compete with that.

        reply to this | link to this | view in chronology ]

  • icon
    Ninja (profile), 16 Aug 2018 @ 6:37am

    So, when are they facing punishment for the abuses just like when people infringe copyrights?

    reply to this | link to this | view in chronology ]

  • icon
    Toom1275 (profile), 16 Aug 2018 @ 6:43am

    Dear Symphonic Records:

    Attached is a DMCA takedown request we received July 22, 2018. We feel that you should be aware that some asshole is signing your name to stupid DMCA notices.

    Very truly yours,
    [Google]

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Aug 2018 @ 7:09am

    What will be the likely outcome?

    Ouch! - you slapped my wrist ... I'm telling mom.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Aug 2018 @ 7:13am

    Eliminate copyright.

    reply to this | link to this | view in chronology ]

  • icon
    NeghVar (profile), 16 Aug 2018 @ 7:30am

    Strike policy

    If I were Google, I'd implement a policy in which each time a company's content scanning bot sends in a false DMCA notice, that is one strike. After "X" number of strikes, no longer accept the automated notices for that bot. Instead, the bot's discoveries must first be reviewed by people from the company which develops the bot. Then they can be submitted to Google.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Aug 2018 @ 7:38am

      Re: Strike policy

      Sadly, I think that would be illegal.

      reply to this | link to this | view in chronology ]

      • icon
        NeghVar (profile), 16 Aug 2018 @ 7:44am

        Re: Re: Strike policy

        Is it law that Google blindly accept and comply with all notices? False or not.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 16 Aug 2018 @ 7:57am

          Re: Re: Re: Strike policy

          No, but why should Google pay to carry out the checking that the sender should have done?

          reply to this | link to this | view in chronology ]

        • icon
          PaulT (profile), 16 Aug 2018 @ 8:10am

          Re: Re: Re: Strike policy

          Blindly, no. But, you can guarantee that risky lawsuits will be incoming if Google start doing things that can be interpreted as deliberate sabotage of the process (and that absolutely would be spun that way).

          reply to this | link to this | view in chronology ]

          • icon
            NeghVar (profile), 16 Aug 2018 @ 8:58am

            Re: Re: Re: Re: Strike policy

            What about turning the DMCA against them? Title II, Section 512(g)(1)
            Under the notice and takedown procedure, a copyright
            owner submits a notification under penalty of perjury, including a list of specified elements, to the service provider’s designated agent. Failure to comply substantially with the statutory requirements means that the notification will not be considered in determining the requisite level of knowledge by the service provider. If upon receiving a proper notification, the service provider promptly removes or blocks access to the
            material identified in the notification, the provider is exempt from monetary liability. In addition, the provider is protected from any liability to any person for claims based on its having taken down the material

            "Upon receiving proper notification" Proper notification under penalty of perjury. Perjury under federal law is a felony that gets you a prison sentence of up to five years. Why are these people not in prison for the many blatantly false takedown notices?

            reply to this | link to this | view in chronology ]

            • icon
              PaulT (profile), 16 Aug 2018 @ 9:03am

              Re: Re: Re: Re: Re: Strike policy

              It would be very nice if that was enforced, yes.

              Sadly, getting that done effectively is far less likely than Google being attacked even more regularly and harshly than they already are.

              reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Aug 2018 @ 8:31am

    Is a false DMCA considered to be libel or defamation?

    reply to this | link to this | view in chronology ]

  • icon
    TheResidentSkeptic (profile), 16 Aug 2018 @ 8:43am

    How about delisting the company?

    After # strikes, delist the company sending them so no more customers can find them to hire them.

    reply to this | link to this | view in chronology ]

  • identicon
    Mark, 16 Aug 2018 @ 9:35am

    A website could add a little diity to their Terms of Service that says "by filing a false DMCA notice agaist this site, the filer agrees to pay the sum of $10,000 plus interest at the rate of 10% per month... per claim" Isn't violating TOS a crime under the CFAA?

    reply to this | link to this | view in chronology ]

  • icon
    ECA (profile), 16 Aug 2018 @ 12:54pm

    For all the notices..

    What would happen if all the NEWSPAPERS, MOVIE,MUSIC, Politics, and all the other groups..
    Sent out DMCA, and take downs..

    AND WE TOOK IT ALL DOWN..
    would there be an internet??

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Aug 2018 @ 1:19pm

    Content protection - lol

    reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 16 Aug 2018 @ 5:01pm

    Fees for bogus notices now.
    As they like to stack hundreds of URLS in each notice each failure should have a cost...

    As always if the cost for screwing up is less than doing it right, they will keep screwing up.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Aug 2018 @ 2:12am

      Re:

      Its case of either the issuer hiring people to check the notices, or them letting Google do the hiring. Also the issuers do not care about collateral damage, as it is Google that suffers most of the bad publicity, and the cost of dealing with complaints about bad takedowns.

      reply to this | link to this | view in chronology ]

  • icon
    Mononymous Tim (profile), 16 Aug 2018 @ 8:15pm

    When idiots program

    They probably couldn't even correctly operate a search engine that someone else wrote, like say, oh, I don't know, Google, to get them the results they're looking for.

    reply to this | link to this | view in chronology ]

  • identicon
    Smartassicus the Roman, 16 Aug 2018 @ 8:40pm

    DMCA'd?

    reply to this | link to this | view in chronology ]

  • identicon
    Smartassicus the Roman, 16 Aug 2018 @ 8:41pm

    DMCA'd?

    It looks like Topple Track got the message. Their website is offline.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Aug 2018 @ 2:35pm

    It's time to untrust Google for its "Trusted" Copyright Removal Program. Wait a second, untrust copyright!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Aug 2018 @ 10:28am

    Copyright working as intended.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.