What Is DMCA? A 2023 Guide to Copyright Law
Whether you’re a blogger, post videos to YouTube, share photos or run your own ecommerce website, it pays to keep abreast of copyright law. Of course, sometimes it pays even more to stay ahead of it. To do either, you first need to understand what you’re dealing with. In the U.S., that means understanding the ins and outs of the Digital Millennium Copyright Act (DMCA).
Even if you’re not producing or publishing content yourself, chances are you’ve seen the effects the DMCA before. Do a Google search for “watch Game of Thrones online,” scroll down to the bottom of the page and you’ll see a notice from Google that the company removed several results from search due copyright complaints received under the act.
The complaints were likely received via HBO lawyers in the form of DMCA takedown notices, which legally oblige Google to remove the results in order to maintain safe harbor from legal action. Such notices are also sent to YouTube to pull videos, and if you host your own website there’s a chance you could be the recipient of one at some point.
During this guide, we’ll give you a full run down of the essentials of DMCA to help you better understand it, discuss how copyright holders often abuse the law to protect their own interests and give you a few tips on how to keep DMCA abuse from sinking your own web endeavors.
In 1996, in response to the growing popularity of the Internet and the opportunities for copyright infringement that came with it, the World Intellectual Property Organization (WIPO), a branch of the United Nations, decided it was time to bring bureaucracy into the mix. It should surprise nobody that lobbyists from both the film and music industry were behind it.
The outcome of the WIPO gathering were two agreements dubbed the Internet Treaties: the WIPO Copyright Treaty and the WIPO Performances and Phonograms Treaty. The goal of these treaties was to extend existing WIPO intellectual property agreements between the countries involved to the Internet. In a nutshell, each UN country was called upon to establish laws to prevent online copyright infringement.
On the surface, the U.S. actually took a fair approach in establishing its own implementation of the Internet Treaties. A consortium of scientists, technologists, content publishers, civil rights leaders and other key interests groups was assembled to build the framework of a law that would protect intellectual property, without damaging the growing Internet economy.
After some wrangling back and forth, on October 28, 1998, President Bill Clinton signed the Digital Millennium Copyright Act into law. While far from perfect and, as we’ll see, in many ways very problematic, the law that came to be could have been far more draconian.
DMCA Takedown Notices and Safe Harbor
One of the concerns of many those assembled to hammer out the details of the DMCA was that it would discourage growth by forcing would-be web entrepreneurs to navigate a legal minefield that would cost more in fines and legal fees than was worth the effort. Without the fight put up by these Internet advocates, it’s a fair bet that the online landscape we known and love today would be far more sparse.
Google, YouTube, Twitter, Flickr, web-hosting services like Bluehost (which you can read more about in our Bluehost review), and many other online service providers (OSPs) are protected by provisions in the DMCA that give them “safe harbor” from prosecution for copyright infringement so long as they adhere to certain guidelines.
The way it works is this: rather than maintain tight control over who is putting what online, OSPs are only required to remove content when notified that that content is in violation of a copyright. Copyright holders can provide such notification by filing a DMCA takedown notice with the OSP. The OSP is the required by law to take the content down.
So long as they do so, and do so in a timely manner, OSPs are generally free from legal consequences. The law calls this “expeditious removal,” though interestingly doesn’t define what that means exactly, but that’s another matter.
On top of that, the OSP must not have been aware the content infringed on copyright to maintain safe harbor, though in most cases such awareness can be hard to prove in court. This is where it actually pays not to have a screening process in place at all. If you’re not evaluating posted content to see if it violates copyright laws, you remain safely in the dark about its presences on your site. When it comes to legal matters, ignorance is indeed bliss.
When an OSP removes offending content in response to a takedown notice, they also have to serve notice of its removal to the individual that posted the content. That individual has the option to file a counter-notice fighting the takedown, which the OSP must then deliver to whomever filed the takedown notice. If the claimant doesn’t reply within ten days, the OSP can restore the removed content.
Fair Use and Copyright Law
There are a few reasons why someone might file a counter-notice, with one of the most common being what is known as “fair use.” Fair use refers to the use of copyrighted materials in a limited capacity. A good example would be a clip from a movie or a quote from a book, which can in turn be used in a review, blog or some other form of commentary.
Its inclusion was another critical victory for the pro-Internet contingent at the DMCA summit in 1998. Fair use provides a means of enriching content, and when it comes to the Internet, content is king. Also, without fair use we’d have a sudden dearth of good meme fodder.
While fair use on the surface seems like a perfect safeguard for launching, say, a film review website, it doesn’t always work out that way. The issue is that many times copyright holders — particularly those with deep pockets like Hollywood film studios and record labels — will file takedown notices even if they’re perfectly aware that they’re filing them against cases that fall under the umbrella of fair use.
It’s all about control. If a film studio wants to control the discussion around their latest summer blockbuster, it pays to limit bad press. This leads them to file frivolous takedown notices to scrub the Internet.
Compounding the matter, corporations often use bots to deliver takedown notices, letting them effectively flood OSPs with requests. According to Google, in fact, 99.5 percent of all takedown notices are filed by bots. If you’re wondering how bots can tell the difference between copyright infringement and fair use, well, they can’t.
The term for this is DMCA abuse and its having a tremendous impact on the vitality of the Internet. There are actually ramifications for falsifying a takedown notice, but it’s difficult to prove deliberate falsification in court and the law only covers lying, not negligence.
Because of the sheer number of takedown notices OSPs have to process, many simply don’t have the time or resources to vet them all for legitimacy. As a result, they simply remove the content and make the person that posted the content to dispute the removal by filing a counter notice.
While it might seem simple enough to file a counter-notice, doing so also opens the doors to actual legal proceedings where they may have to fight for their claim in court. That means legal fees, which while pocket change to a Hollywood studio, are likely to deter many bloggers. As such, counter notices often aren’t filed, even to combat spurious takedown notices.
How To Avoid DMCA Abuse
If you’re posting content to Medium, YouTube or a similar site, there’s very little you can do to escape falling victim to DMCA abuse. Your best bet is to make sure you’re following fair use practices and to file counter-notices if you feel you’ve been wronged.
While the case could end up in court, given how many DMCA takedown notices are filed, it’s a fair bet the filer won’t go that far, and your content will be back up online within ten days. If it does end up going that way, you could always back down if it isn’t worth the cost to you.
Zero-Knowledge and DMCA
If you share video and music that you have stored in the cloud with your friends, you’ll want to make sure your cloud storage provider isn’t beholden to the DMCA. Former cloud storage service MegaUpload, the spiritual successor to MEGA (read our MEGA review for more on the history of this controversial service), had its servers seized by the FBI for letting its users store and share pirated content.
Your best bet is to go with a zero-knowledge provider, which is a provider that lets you create and keep your own encryption keys, and thus has no insight into what content you’re actually storing on its servers. You don’t want to go with just any provider, though. You’ll want to find one that maintains zero-knowledge protections even when sharing files.
There are two providers that fit the bill: Sync.com and SpiderOak ONE.
Sync.com lets you add “enhanced privacy” to any share to protect it from prying eyes (read about this feature in our Sync.com review).
SpiderOak ONE, meanwhile, lets you create secure “ShareRooms,” which is a fancy way of saying you can share a folder with others and they can download it while still maintaining zero-knowledge privacy (there’s more about ShareRooms in our SpiderOak review).
Between the two, Sync.com is the better deal. In fact, the 2TB of storage Sync.com offers for just $8 a month is easily one of the best — if not the best — deals in cloud storage right now.
Web Hosting and DMCA
If you’re planning on hosting content yourself, there are few things you can do to protect yourself if you don’t fancy being inundated with bad takedown notices.
For starters, you can make it hard for copyright holders to file claims by staying incognito. The DMCA states that OSPs must make it easy for copyright holders to file notices (this is another requirement for maintaining safe harbor), which includes registering a DMCA agent to process requests with the U.S. Copyright Office.
The Copyright Office maintains a directory of agents that can then be used when filing takedown notices. OSPs are also required to list this contact information on their website.
You could simply not do so. Yes, it would void your safe harbor protection, but it’s also hard to take legal action against a ghost.
If you go this route, there are several others steps you’ll want to take, including anonymously registering your domain by opting into WHOIS Privacy. This will prevent others from connecting your identity to your domain address.
You’ll likely want to use a domain registrar based outside the U.S., too, since U.S.-based registrars can be legally forced by U.S. law enforcement to reveal your identity even if you’re paying for WHOIS Privacy.
If you do go with a non-U.S. domain registrar, consider doubly covering your tracks by using an anonymous payment method like a prepaid debit card or using Bitcoin. Many offshore domain registrars accept Bitcoin in part to fulfill a need for anonymity.
In addition to going with a registrar based outside the U.S., you’ll want do the same when selecting a hosting service for your website. Many hosts also provide domain registration services, so you can likely kill two birds with one stone.
The reason you’ll want to choose a host outside the U.S. is that even if the copyright holder can’t get in contact with you to file a takedown notice, they can still file it with the web host to have the offending page or even your entire site taken down. If anonymity is your goal, you’ll want a host that’s committed to protecting that anonymity, and U.S. hosts, even well intentioned ones, can’t be counted on to do so for legal reasons.
It’s also important to note that simply working with a host outside of the U.S. isn’t enough. Many non-U.S. hosting services still comply with DMCA notices to avoid trouble with their own country. Remember, the DMCA was a response to the Internet treaties, which were agreed upon by the UN. That means that most UN membership countries have some form Internet copyright law in place. The difference is that many aren’t as well suited to corporate misuse as the DMCA.
Location, Location, Location
Countries with more favorable laws include Iceland, Norway, Netherlands, Sweden and Switzerland. Even in those countries, though, you’ll find most hosting services still process DMCA takedown notices.
Prior to committing to a host, make sure you read its terms and conditions and what they have to say about DMCA. They should tell you whether they process or ignore notices filed under the DMCA, or whether they only respond to copyright complaints filed under their own government’s copyright laws.
There’s actually a small but vital niche of web hosting providers dedicated to anonymity and ignoring DMCA notices. A few popular choices include AbeloHost, BlueAngelHost and HideMyHost.
The Digital Millennium Copyright Act was prompted by the worries of Hollywood bigwigs but tempered by more forward-thinking heads who fought for provisions like safe harbor and fair use. While there’s no question that the Internet would not be the Internet we known and love today without their efforts, it’s equally unquestionable that DMCA abuse is an issue that needs to be addressed.
Many organizations, including the Electronic Frontier Foundation, which maintains a Takedown Hall of Shame page, are fighting the good fight to bring that abuse to light. However, given the slow machinations of the U.S. political system — not to mention the lobbying might of the film and music industries — it’s not likely an issue that’s going to get resolved any time soon.
The best course of action you can take for now is to be aware of the law, understand your rights and stand up for them when they’re violated. Alternately, you could limit your exposure to the law by using a zero-knowledge cloud storage service to share content or, if you’re looking at building a website, working with a host that’s committed to protecting your anonymity and not playing ball with U.S. copyright law.
Questions, comments or a tip on dealing with DMCA abuse? Let us know below, and thanks for reading.