Take Down and Stay Down – Rethinking the DMCA

illogical-580-sizedGuest post: Jonathan Bailey, editor and publisher of Plagiarism Today, discusses how a “notice and stay down” DMCA provision might work in practice.

There aren’t very many people happy with the Digital Millennium Copyright Act (DMCA) notice and takedown system.

For rightsholders, the issue is the burden of the process. Currently creators are demanding removal of more than 20 million links from Google per week,independent filmmakers frustrated with their movies repeatedly appearing on YouTube and for years there’s been a growing consensus the takedown process is akin to Whac-a-Mole.

With so many takedown notices flying, mistakes have been a problem. As we’ve talked about previously, users on YouTube have repeatedly complained about false matches and strikes and, even worse, on rare occasions the law can be abused in an attempt to silence critics.

That’s why, since the U.S. Copyright Office announced it was accepting public comments on how to improve the DMCA, in particular its safe harbor provisions, interest has been very high.

One of the major proposals from the rightsholders camp is a concept called Take Down and Stay Down, which calls on hosts, once they’ve learned that a piece of content is infringing, to ensure that it is not trivially re-uploaded either by the same or a different user.

The idea has gained the support of a variety of organizations and individuals including Nova Southeastern University’s copyright office, musician Maria Schneider (who testified about the problem before Congress) and musician David Lowery (famous for also suing Spotify) to name a few.

But is this idea practical and, if so, how would it work? I’ve decided to delve deeper into the issue and look at both how it might work and why it could be needed.

Notice and Take Down (Or Stay Down)

pexels-photoUnder the current law, web hosts, such as YouTube, Facebook, Twitter and Google are provided with “safe harbor” from copyright infringement committed by their users. That is, so long as they meet the requirements under the law.

For the purpose of this article, the most important part is that the host must have an agent able to receive notices of copyright infringement and, after a notice is properly filed, work to either remove or disable access to the allegedly infringing material. The work can be legally restored with a counter notice, which would be filed by the original uploader, but otherwise that copy of the work is supposed to remain offline.

The problem with this system for rightsholders is that it’s usually trivial to re-upload a work. Whether it’s a video on YouTube, a file on a cyberlocker service or just an article on a blog, it’s usually faster and easier to re-upload a work than file a counter notice, which requires the uploader to expose their personal information and then wait 2 weeks for the work to be restored.

For creators, this means that they have to constantly patrol for infringements and that, for popular works, any removed copy will likely be replaced in a matter of minutes or seconds.

Because of this, rightsholders are asking that the law be amended to expand the requirements on hosts. Basically, they want to require hosts to try and block the re-upload of the work.

The way this would work is akin to YouTube’s ContentID. Hosts would be required to take a fingerprint of the allegedly infringing work and then compare that to any files uploaded later. If any files matched that fingerprint more than a certain amount, they would be blocked.

According to many rightsholders, the system would go to great lengths to stop piracy and reduce the number of sites that benefit from infringement. They note that sites like YouTube already have similar policies and that such a system was feasible in 2007 when Myspace successfully tested and launched it on their site.

However, opponents, such as the Internet Archive, worry that such a system could chill free speech. They are seeking a revision to the law that would allow disputed content to stay active while the issue is resolved, going largely the opposite direction.Other opponents include Google, which says the idea would simply not work, and several other large web hosts.

But which side, if either, is right? As someone who’s sent thousands of DMCA notices, the answer is a complex and convoluted one.

One Size Doesn’t Fit All

nestingdolls-imageThe DMCA, as it sits today, is a one-size-fits-all solution. That’s true whether you are the world’s largest search engine or the world smallest web host. It’s true whether you’re an upstart blogger, or the world’s most popular musician.

If you’re a small-to-medium sizes rightsholder, the DMCA likely works pretty well for you. Whether you’re into protecting your web site content, your music, your videos or something else altogether, you’re likely fine so long as you’re only handling a few dozen infringements per month (By the by, this is a big part of what I do at CopyByte, feel free to check me out there).

However, rightsholders with a higher level of frustration have a very understandable frustration as they are forced to spend significant resources just to keep pace with piracy, let alone get ahead of it.

Hosts are in the same situation. A small host may see no DMCA notices or only a few per year. Large ones though are bombarded by thousands or even millions of notices, many of which are fired off with some degree of automation.

What’s clear is that the law isn’t working equally well for all parties. However, there’s no way you can separate rightsholders into different categories. A copyright, with only a few exceptions (such as registration), is supposed to be a copyright. Your latest Facebook post has the same protections as the latest Harry Potter book.

However, the law already makes some separations of types of service providers, identifying four and only putting requirements on two (web hosts and search engines). It may be time to drill down even further as web hosts have become an incredibly diverse group in the nearly 20 years since the bill was written.

For example, GoDaddy and YouTube are two very different companies. GoDaddy customers pay to upload a wide variety of content and the company earns nothing from each visitor to its servers. YouTube, however, charges nothing but earns revenue from viewers in the form of ads and YouTube Red subscriptions.

Applying the same law to both doesn’t make a great deal of sense.

A Take Down Stay Down system would be impractical for GoDaddy, which has no easy way to even monitor uploads. YouTube, however, already has one in the form of ContentID. While ContentID isn’t perfect and has its issues, it is, in many ways, a tech demo for the concept.

The challenge though is finding ways to separate out web hosts and determining which should have to meet what requirements for safe harbor.

Separation Anxiety

To be completely honest, this is where I don’t have much of a solution. I’ve spent a lot of time trying to map out a new and more granular way of handling safe harbor but have not been happy with any of my answers.

However, here is what I have put to paper. First, there are three obvious factors I see for separating out web hosts:

  1. How They Earn Revenue: Does the host earn a significant percentage of their revenue from visitors (YouTube), are they financed solely by uploaders (GoDaddy/BlueHost/Etc.) or are they a non-profit (university/library/etc.)?
  2. Types of Content: Does the host store a wide variety of content or are they primarily focused on one or two types?
  3. Number of Notices: Has the host received very few notices or is there a pattern of repeated notices, especially for the same item?

From there, you have different requirements for how they can maintain safe harbor.

  1. Notice and Take Down: The current system.
  2. Notice and Stay Down: The proposed system.
  3. Hybrid: Some system that combines the two, such as one that requires the host to filter obvious infringement, but has flexibility.

But there’s a singular problem with all of this: It injects huge amounts uncertainty and complexity into the law.

The greatest benefit of the DMCA is that it makes the host/copyright holder relationship very clear cut. As a host, you know what you have to do to maintain safe harbor and a DMCA filer knows, within reason, how the the host should respond to a notice.

While it makes sense that all hosts shouldn’t be treated the same, it also adds a great deal of complexity to the process and just makes it more difficult to determine what a host should do and what a creator should expect.

There has to be a better solution.

Using Carrots Rather Than Sticks

A better solution for enforcing notice and stay down might be to not enforce it at all.

The reason we don’t see more sites going the path of YouTube is because there’s no incentive for doing so. The law doesn’t reward sites for implementing a takedown and stay down procedure. In fact, some even fear punishment for being proactive because the DMCA seems to favor companies that are completely hands off.

That has to change.

Rather than requiring a notice and stay down system, rewarding those who do implement one would ensure that the largest providers do so while not burdening hosts for whom such a system doesn’t make sense, is impractical or is not needed.

Here’s one suggestion for how that could work:

  1. Fill in Gaps in Notice and Takedown: Right now hosts interpret the notice and takedown procedures in wildly different ways including how long they have to respond and how they have to accept notices. Draft clear requirements for hosts, including time frames to respond. Failure to follow these requirements need to carry teeth.
  2. Allow Hosts to Choose Take Down or Stay Down: Require hosts, when registering with the U.S. Copyright Office, to designate themselves as either a take down host or a stay down host. Require those who opt to be stay down hosts to show just how they are preventing re-uploads of infringing works.
  3. Give Stay Down Hosts Greater Flexibility and Security: Finally, hosts that have implemented a stay down procedure get greater flexibility in how they handle copyright issues and greater legal protection. Rights holders, for example, when trying to sue a host for failing to comply with the DMCA, would have a higher burden of proof when dealing with a stay down host than a take down one and stay down hosts could steer filers to forms as long as they aren’t burdensome.

The idea is simple, reward hosts that implement a stay down system with greater legal certainty and a more streamlined copyright system. That legal safety and lightened burden makes such systems viable for many hosts and justifies the cost of implementation.

Best of all, it doesn’t punish hosts who can’t or don’t wish to implement such a system, still providing them with a way of avoiding liability, just a rockier and more difficult path.

Bottom Line

There’s nothing easy or simple about this. Any change to safe harbor is going to have to come with serious contemplation and thought. However, revamping the system in a significant way, especially one that places burdens not practical for many hosts, will be met with extremely tense opposition.

However, many hosts would likely consider implementing such a system if there were a practical benefit. Right now, unless the number of DMCA notices is so onerous that there’s no other alternative, hosts have no motivation to implement a stay down procedure.

That motivation, however, doesn’t have to be provided through force, the law can reward just as easily as it punishes.

All of that being said, one thing is very clear. The DMCA process, for many, is not working. If the DMCA process was truly effective at reducing piracy and infringement, the number of notices would either be holding steady or going down, instead, it’s going up and it’s not just at Google. Twitter and others are seeing sharp increases in takedown notices.

If we’re going to improve the system, it’s going to require a long dialog and facing a lot of difficult truths. But if there is any opportunity for cooperation, that common ground can be used to build a solution that works for everyone.

We just have to find that common ground first.

reposted under a CC license from Plagiarism Today


  1. Jaylat29 March, 2016

    These are creative ideas, but in my opinion they don’t address the problem of protecting copyright for small creators, and they are much too lenient on infringers.

    As a content creator who has to constantly fight piracy, I strongly disagree that the current system works well for me. Even when infringing files are removed, the 24 hour delay allows thousands of illegal downloads.

    A digital fingerprint is a simple technology to implement. Why not simply require it for everyone? I think the idea of differentiating between types of websites is problematic, as people will argue that they are one model or another in order to escape liability. Godaddy makes money from hosting pirate websites, so they should respond to DMCA like everyone else. If they don’t want to do it, they should get out of that business.

    It is absolutely absurd that infringing pirate sites are allowed to remain online despite repeated DMCA notices. Repeat offenders should be subject to punitive damages and legal action.

    If I was an infringing website under your proposed rules, I would issue a few take down and stay down notices each month and then use that as an excuse to ignore the rest – and enjoy full legal protection.

    Also not sure why increasing DMCA numbers of notices would mean the system doesn’t work? I would argue the opposite.

    Sorry to be so negative, but I just don’t think you get the seriousness and extent of the piracy problem.

    1. Nate Hoffelder29 March, 2016

      I think it goes too far. As a website owner, I have no responsibility for protecting anyone’s IP other than my own. It’s not my job to actively police for someone else’s copyrighted content.

  2. puzzled29 March, 2016

    Jaylat, you’ve decided to release your content in an easy to pirate format. You could have released it in formats that are difficult to pirate, but that would have lead to a lot less sales.

    Piracy is a balance between mechanisms that allow easy sales and mechanisms that make it difficult to copy. For instance, the book trade could have decided that they would only release ebooks on physical cards, which would be inserted into ereaders or computers. This would have severely restricted piracy, but would have significantly reduced sales (it makes it a lot harder to get your product to the buyer).

    “A digital fingerprint is a simple technology to implement”

    I love it when non-technical people weigh in on the ease of implementing complex technological solutions. As the current situation is showing, even massive companies with virtually unlimited resources are unable to implement a fingerprinting system that works properly. How do you expect small websites to do better?

    1. Nate Hoffelder29 March, 2016

      And another problems with the digital fingerprint is that when it is used in a notice-and-staydown system, it effectively censors legal uses (commentary, remixes, etc) be preventing them from being published.

      That is an unfair abridgment of the rights of other creators.

      1. Jaylat29 March, 2016

        This is a straw man argument. If someone wants to use a portion of a copyrighted work, all they have to do is ask. Not only is it legally required (in most instances), it’s the right thing to do.

        “Jaylat, you’ve decided to release your content in an easy to pirate format.”

        You have no idea what format I use. And you are blaming the content creator for trusting his customers. There is no “balance” involved – piracy is a crime, full stop.

        1. Nate Hoffelder29 March, 2016

          One, I don’t have to ask someone’s permission to exercise my rights, and two, this staydown idea has already failed on that point. Do you remember the 2012 Hugo awards, and how the stream was booted over the use of authorized clips from Doctor Who?

        2. Chris Meadows29 March, 2016

          No, actually, it’s not legally required to ask—at least not in the USA. That’s how fair use works. People can and do make reviews, commentary, etc. using clips and excerpts from media all the time.

        3. puzzled30 March, 2016

          “You have no idea what format I use. And you are blaming the content creator for trusting his customers. There is no “balance” involved – piracy is a crime, full stop.”

          You’re right, I have no idea what format you use. I don’t need to, all current formats are easy to copy.

          Frankly, I wasn’t even thinking of your customers. But now that you mention it, very few businesses trust their customers. That’s why retail stores hire security guards. That’s why stores put magnetic tags on mechandise. That’s why businesses have security cameras.

          Physical books are difficult to copy. Well, they used to be, it is now possible to build an automatic book scanner for about $100. And you can get a book scanned and OCRed for under $10.

          You could have sold your ebooks (I presume your content eas ebooks, if it is something else, the following stills applies, just change the technology), in a format that was very difficult to copy. You could have sold it so that it could only be read using the app that you supplied, with the content being encrypted with a different key for each copy. But this was probably outside of your technical ability, as well as being needlessly expensive, not to mention extremely inconvenient to both you and your customers. Piracy is part of the cost of doing business. As are the security guards, and magnetic tags (and the sensors at the door), and the security cameras.

          My guess too is that most of the ‘thousands’ of copies of your content that was pirated in 24 hours will never be read, and those few, very few, copies that are actually read will have been acquired by people that wouldn’t have bought your content in the first place. And then there are the people that will read that pirated copy, and actually give you money to get the other nuggets of content that you have produced.

          1. puzzled30 March, 2016

            Geez, it looks like I use the same proofreaders the BPHs do nowadays…

  3. […] maximalists have argued that the DMCA's notice-and-takedown setup should be replaced by a notice-and-staydown system where bots would police platforms like Youtube and either prevent users from uploading possibly […]

  4. […] identify copyright infringement with any degree of accuracy. And that is a fundamental problem with the "notice and stay down" DMCA system that some are […]

Leave a Reply

Scroll to top