Take Down and Stay Down – Rethinking the DMCA

There aren’t very many people happy with the Digital Millennium Copyright Act (DMCA) notice and takedown system.

For rightsholders, the issue is the burden of the process. Currently creators are demanding removal of more than 20 million links from Google per week, independent filmmakers frustrated with their movies repeatedly appearing on YouTube and for years there’s been a growing consensus the takedown process is akin to Whac-a-Mole.

With so many takedown notices flying, mistakes have been a problem. As we’ve talked about previously, users on YouTube have repeatedly complained about false matches and strikes and, even worse, on rare occasions the law can be abused to attempt to silence critics.

That’s why, since the U.S. Copyright Office announced it was accepting public comments on how to improve the DMCA, in particular its safe harbor provisions, interest has been very high.

One of the major proposals from the rightsholders camp is a concept called Take Down and Stay Down, which calls on hosts, once they’ve learned that a piece of content is infringing, to ensure that it is not trivially re-uploaded either by the same or a different user.

The idea has gained the support of a variety of organizations and individuals including Nova Southeastern University’s copyright office, musician Maria Schneider (who testified about the problem before Congress) and musician David Lowery (famous for also suing Spotify) to name a few.

But is this idea practical and, if so, how would it work? I’ve decided to delve deeper into the issue and look at both how it might work and why it could be needed.

Notice and Take Down (Or Stay Down)

Under the current law, web hosts, such as YouTube, Facebook, Twitter and Google are provided with “safe harbor” from copyright infringement committed by their users. That is, so long as they meet the requirements under the law.

For the purpose of this article, the most important part is that the host must have an agent able to receive notices of copyright infringement and, after a notice is properly filed, work to either remove or disable access to the allegedly infringing material. The work can be legally restored with a counternotice, which would be filed by the original uploader, but otherwise that copy of the work is supposed to remain offline.

The problem with this system for rightsholders is that it’s usually trivial to re-upload a work. Whether it’s a video on YouTube, a file on a cyberlocker service or just an article on a blog, it’s usually faster and easier to re-upload a work than file a counternotice, which requires the uploader to expose their personal information and then wait 2 weeks for the work to be restored.

For creators, this means that they have to constantly patrol for infringements and that, for popular works, any removed copy will likely be replaced in a matter of minutes or seconds.

Because of this, rightsholders are asking that the law be amended to expand the requirements on hosts. Basically, they want to require hosts to try and block the re-upload of the work.

The way this would work is akin to YouTube’s ContentID. Hosts would be required to take a fingerprint of the allegedly infringing work and then compare that to any files uploaded later. If any files matched that fingerprint more than a certain amount, they would be blocked.

According to many rightsholders, the system would go to great lengths to stop piracy and reduce the number of sites that benefit from infringement. They note that sites like YouTube already have similar policies and that such a system was feasible in 2007 when Myspace successfully tested and launched it on their site.

However, opponents, such as the Internet Archive, worry that such a system could chill free speech. They are seeking a revision to the law that would allow disputed content to stay active while the issue is resolved, going largely the opposite direction. Other opponents include Google, which says the idea would simply not work, and several other large web hosts.

But which side, if either, is right? As someone who’s sent thousands of DMCA notices, the answer is a complex and convoluted one.

One Size Doesn’t Fit All

The DMCA, as it sits today, is a one-size-fits-all solution. That’s true whether you are the world’s largest search engine or the world smallest web host. It’s true whether you’re an upstart blogger, or the world’s most popular musician.

If you’re a small-to-medium sizes rightsholder, the DMCA likely works pretty well for you. Whether you’re into protecting your web site content, your music, your videos or something else altogether, you’re likely fine so long as you’re only handling a few dozen infringements per month (By the by, this is a big part of what I do at CopyByte, feel free to check me out there).

However, rightsholders with a higher level of frustration have a very understandable frustration as they are forced to spend significant resources just to keep pace with piracy, let alone get ahead of it.

Hosts are in the same situation. A small host may see no DMCA notices or only a few per year. Large ones though are bombarded by thousands or even millions of notices, many of which are fired off with some degree of automation.

What’s clear is that the law isn’t working equally well for all parties. However, there’s no way you can separate rightsholders into different categories. A copyright, with only a few exceptions (such as registration), is supposed to be a copyright. Your latest Facebook post has the same protections as the latest Harry Potter book.

However, the law already makes some separations of types of service providers, identifying four and only putting requirements on two (web hosts and search engines). It may be time to drill down even further as web hosts have become an incredibly diverse group in the nearly 20 years since the bill was written.

For example, GoDaddy and YouTube are two very different companies. GoDaddy customers pay to upload a wide variety of content and the company earns nothing from each visitor to its servers. YouTube, however, charges nothing but earns revenue from viewers in the form of ads and YouTube Red subscriptions.

Applying the same law to both doesn’t make a great deal of sense.

A Take Down Stay Down system would be impractical for GoDaddy, which has no easy way to even monitor uploads. YouTube, however, already has one in the form of ContentID. While ContentID isn’t perfect and has its issues, it is, in many ways, a tech demo for the concept.

The challenge though is finding ways to separate out web hosts and determining which should have to meet what requirements for safe harbor.

Separation Anxiety

To be completely honest, this is where I don’t have much of a solution. I’ve spent a lot of time trying to map out a new and more granular way of handling safe harbor but have not been happy with any of my answers.

However, here is what I have put to paper. First, there are three obvious factors I see for separating out web hosts:

1. How They Earn Revenue: Does the host earn a significant percentage of their revenue from visitors (YouTube), are they financed solely by uploaders (GoDaddy/BlueHost/Etc.) or are they a non-profit (university/library/etc.)?
2. Types of Content: Does the host store a wide variety of content or are they primarily focused on one or two types?
3. Number of Notices: Has the host received very few notices or is there a pattern of repeated notices, especially for the same item?

From there, you have different requirements for how they can maintain safe harbor.

1. Notice and Take Down: The current system.
2. Notice and Stay Down: The proposed system.
3. Hybrid: Some system that combines the two, such as one that requires the host to filter obvious infringement, but has flexibility.

But there’s a singular problem with all of this: It injects huge amounts uncertainty and complexity into the law.

The greatest benefit of the DMCA is that it makes the host/copyright holder relationship very clear cut. As a host, you know what you have to do to maintain safe harbor and a DMCA filer knows, within reason, how the the host should respond to a notice.

While it makes sense that all hosts shouldn’t be treated the same, it also adds a great deal of complexity to the process and just makes it more difficult to determine what a host should do and what a creator should expect.

There has to be a better solution.

Using Carrots Rather Than Sticks

A better solution for enforcing notice and stay down might be to not enforce it at all.

The reason we don’t see more sites going the path of YouTube is because there’s no incentive for doing so. The law doesn’t reward sites for implementing a takedown and stay down procedure. In fact, some even fear punishment for being proactive because the DMCA seems to favor companies that are completely hands off.

That has to change.

Rather than requiring a notice and stay down system, rewarding those who do implement one would ensure that the largest providers do so while not burdening hosts for whom such a system doesn’t make sense, is impractical or is not needed.

Here’s one suggestion for how that could work:

1. Fill in Gaps in Notice and Takedown: Right now hosts interpret the notice and takedown procedures in wildly different ways including how long they have to respond and how they have to accept notices. Draft clear requirements for hosts, including time frames to respond. Failure to follow these requirements need to carry teeth.
2. Allow Hosts to Choose Take Down or Stay Down: Require hosts, when registering with the U.S. Copyright Office, to designate themselves as either a take down host or a stay down host. Require those who opt to be stay down hosts to show just how they are preventing re-uploads of infringing works.
3. Give Stay Down Hosts Greater Flexibility and Security: Finally, hosts that have implemented a stay down procedure get greater flexibility in how they handle copyright issues and greater legal protection. Rights holders, for example, when trying to sue a host for failing to comply with the DMCA, would have a higher burden of proof when dealing with a stay down host than a take down one and stay down hosts could steer filers to forms as long as they aren’t burdensome.

The idea is simple, reward hosts that implement a stay down system with greater legal certainty and a more streamlined copyright system. That legal safety and lightened burden makes such systems viable for many hosts and justifies the cost of implementation.

Best of all, it doesn’t punish hosts who can’t or don’t wish to implement such a system, still providing them with a way of avoiding liability, just a rockier and more difficult path.

Bottom Line

There’s nothing easy or simple about this. Any change to safe harbor is going to have to come with serious contemplation and thought. However, revamping the system in a significant way, especially one that places burdens not practical for many hosts, will be met with extremely tense opposition.

However, many hosts would likely consider implementing such a system if there were a practical benefit. Right now, unless the number of DMCA notices is so onerous that there’s no other alternative, hosts have no motivation to implement a stay down procedure.

That motivation, however, doesn’t have to be provided through force, the law can reward just as easily as it punishes.

All of that being said, one thing is very clear. The DMCA process, for many, is not working. If the DMCA process was truly effective at reducing piracy and infringement, the number of notices would either be holding steady or going down, instead, it’s going up and it’s not just at Google. Twitter and others are seeing sharp increases in takedown notices.

If we’re going to improve the system, it’s going to require a long dialog and facing a lot of difficult truths. But if there is any opportunity for cooperation, that common ground can be used to build a solution that works for everyone.

We just have to find that common ground first.