> this seems outrageous the same way DMCA'ing a Bittorrent client would be
Why stop there? I can use my browser to illegally download content, so I guess we better issue a DMCA takedown that too. But who even needs a browser? Let's issue a takedown for the GNU Project while we're at it because I could use wget to do the same thing. In fact, I could write my own program to illegally download content, so we better just get rid of computers altogether.
Stop attacking useful tools just because they can be used to do bad things! Youtube-dl should obviously change their README to get rid of the copyright-infringing example, but this DMCA takedown is otherwise rotten from the core.
It's kind of amazing that computing in general, and the internet in particular, is as open and free as it is (contrast with the closed end-to-end "appliance" model of gaming consoles, or to some extent iOS). Cory Doctorow has been ringing alarm bells for over a decade about both technical and legal efforts to end general purpose computation itself, or at least to make it more the exception than the norm:
> end general purpose computation itself, or at least to make it more the exception than the norm
I'd argue, cautiously, that general computation is already an exception. That's why I prefer Linux to Windows. On Linux I can issue a command from a general command interface (the CLI) to just play a video. If I only want audio, it's an option away. I can script things together. Most of my tools are interoperable. That's because I use FOSS, free protocols, free formats, free tech in general. Everything works together and everything augments each other. Windows, the popular workstation, is no that. It's a system of systems, where everything is a monolithic closed box that you can't get inside. It's inside your computer, you use it, but it's not yours. It's on loan from someone else. Interoperability is virtually non-existent, and there isn't such a thing as a usable CLI (an environment that would connect everything together). That's not general computing, I argue. General computing involves ther power to generalize, use the computing technology in arbitrary ways. Closed software, customer lock-in and all that other corporate bs is the anti-thesis of that.
Longer rant than expected. I find it a frustrating issue. Mostly because I intimately feel like we're paying a very high price for the greed of the few.
> On Linux I can issue a command from a general command interface (the CLI) to just play a video. If I only want audio, it's an option away. I can script things together...Windows, the popular workstation, is not that.
I use the same video player on Windows that you use on Linux, mpv. And I have a ton of scripts I use to navigate my video library. Windows doesn't put any burden on apps to not be interoperable. Plenty of apps interoperate just fine.
That's great, I wasn't aware that mpv was portable to Windows. Writting the above I vaguely realised that the video player example didn't have many legs to stand on. I used it because, for me, the interoperability of mpv and ytdl is a poster child for taking content that's on a closed platform (Youtube) and lifting it out for high interoperability with the rest of the system.
It's a fair point that Windows doesn't put burden on applications to be less interoperable, but it doesn't facilitate it either. The UNIX philosophy has completely bypassed Windows. You can do things on its command-line, especially if you augment it in various ways, but do you ever feel like it's a first-class citizen on Windows, or its ecosystem? I'd argue there's reasons for why, as a rule of thumb, only the biggest FOSS projects are compatible with Windows.
One thing that might be coming up is CPUs reducing the user capability to fully control the system (regardless of whether you run Linux or Windows).
One such example is Intel ME.
In the future, if the compute paradigm shifts towards something cloud-like, we might all be "stuck" inside an isolated Intel SGX container (or vice versa).
(2)No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that—
(A)is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title;
(B)has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title; or
(C)is marketed by that person or another acting in concert with that person with that person’s knowledge for use in circumventing a technological measure that effectively controls access to a work protected under this title.
Can you argue that youtube-dl meets any of those conditions?
You can argue that youtube-dl facilitates making copies of copyrighted works; that's easy. But the items A, B, and C that you quote all require circumventing a technological measure that controls access to a protected work. And youtube videos, in the general case, have completely uncontrolled access. You can't circumvent measures that don't exist.
YouTube videos don't have a right click option to download the video (a browser builtin) therefore there's a technical measure that controls the downloading of the video
You don't have to be technically correct, you have to be legally correct. It's like technically correct only it's way more pedantic
Legally correct isn't a more (or less) pedantic version of technically correct. Legally correct means primarily correct with respect to the colour[0] of a thing. Technical correctness disregards colour entirely.
Absence of "Download" button on a site, or in a context menu, is not technically a technical measure, particularly when you can press F12 and poke around the Network tab to get to the same resource, all entirely a browser built-in process. But it legally is a technical measure, because the little obstacle carries a colour of "intended to prevent downloads". That's usually enough.
--
[0] - See https://ansuz.sooke.bc.ca/entry/23 for detailed explanation of what "colour" is. In a rough tl;dr, colour as a concept is a blend of provenance and intent. Bits don't really have colour, but the chain of events that made particular bits be what they are does have it. Law is in a large part an exercise of dealing with colour, but the concept lies entirely outside of computer science, so it fundamentally can't enter it, and is thus usually ignored by the tech crowd. Colour is not data, and not metadata: it's the causal context.
Agreed and here the law actually defines this term:
> a technological measure “effectively controls access to a work” if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.
In the ordinary course of using YouTube you cannot save copyrighted videos. This isn't so much the RIAA overreaching as it is them taking full advantage of a bad law.
(Also, Google actually did go out of their way to make it hard to save the files. Go hit F12 yourself and try. There's a reason a whole project exists to make it easier.)
> In the ordinary course of using YouTube you cannot save copyrighted videos.
On the contrary. Any ordinary use of YouTube (that is, using it to watch videos) necessarily involves making a local copy of the video. That's what you watch.
It doesn't matter. The bits arrive anyway. You don't get to run roughshod over what other people do with the bits you send them. End of story. If you didn't want me to have it, you probably shouldn't have pointed me at it, told me where to find it, and said go right on ahead. Don't mind if I do.
It's like someone getting angry at a kid or a tinker taking apart a gift. You gave it. It's mine. Thanks much, why are you so bent out of shape?
Except IP laws don't go this way. I feel like shouting into the wind in these threads.
The bits don't matter. How you got them does. If you'd pull the exact same sequence of bits from /dev/urandom on your first try, you'd be fine. But you didn't, you used a program to download the video from YouTube. You didn't download it through publisher-blessed means. In fact, the publisher and their proxies expended effort in shutting down the expected, "normie" ways of downloading it. In this way, you circumvented the technical copy protection mechanism (no matter how ridiculously trivial it was).
If you write an extension that automatically saves the streams your browser renders for you, that'd be "circumventing technical means" too, at least in case of YouTube.
That's the thing with intellectual property: it tags bits with colour, out of band, and you can't get rid of it without engaging with IP laws.
(Note that I do use your argumentation to defend ad blocking. But that's a different situation. IP laws don't recognize "free to view if and only if you view attached ads" as a colour, but it does recognize the "copyright" colour.)
> you circumvented the technical copy protection mechanism (no matter how ridiculously trivial it was)
They can't do ridiculously trivial copy protection legally, depending on the country they might be required to do at least authentication and authorization with disabled access to the sources and maybe even hardware DRM garbage, which neither Google nor publishers want to do because it will significantly reduce ad views. Basically there is no copy protection mechanism at all in this case.
>You didn't download it through publisher-blessed means. In fact, the publisher and their proxies expended effort in shutting down the expected, "normie" ways of downloading it.
Except that doesn't fly. Get back to me when they stop curl or wget with "Access by this User-Agent not supported", and I'll buy it. You are explicitly, not implicitly telling the user I don't support access via that mechanism. Then if they tamper with the User-Agent string anyway, you've got solid mens rea. Then have fun with your IP case. How this stands, is "oh, we want you to walk our little maze and view our adds as a prerequisite to viewing this particular content", but we'll tell you where to go afterwards (I.e. pay the toll, get the secret location to view your prize.) The toll for access is the add to a very large proportion of the world, that's you buying it. You have the right to back up what you buy.
It is a special defect of American jurisprudence that corporate entities reserve the right to shape the behaviors of everyone around them through something as flimsy as "well, we intended, your Honor." Guess what? You can intend in one hand, and poorly implement in the other and guess which one is real at the end of the day? The legal system is not an excuse for poor communication with large numbers of people. It simply does not pass my bar for actually implementing a technical safeguard. As it stands, YouTube was an unexpectedly successful platform for growth hacking, and the RIAA is attempting to roll up the ladder behind them.
My major contention, all else being equal is if you're doing the decoding step in the clear in JavaScript on the client you aren't enacting any control.
If the industry would like to produce a hardware platform where they can guarantee perfect IP law conformance, they are welcome to do so, but they haven't, or their attempts to do so have produced far less adoptance because gasp people aren't so gung to about spending money on things they can't own or functionally make their lives more difficult in order to make someone else's life easier.
They bought into the YouTube environment because they wanted their artists to reach the widest audience possible. They got that. And way more. It's a bit underhanded to come back and say "Hey, you people using that thing we deliberately switched to to make fat stacks of cash knowing it'd be leaky, and knowing we could have developed something better fit to the job, but not wanting to because there was business to be done now, stop using your machine in ways we don't like!"
They made their bed, let them sleep in it! Stop letting the tail wag the dog! This is also why IP is largely self defeating. IP doesn't incentivized actual furthering of the Arts and Sciences half as much as it does incentivizing litigation on whether a long enough period has gone by where a work or discovery can finally be considered endemic enough to build off of without being sued. By putting in place these established lines of legalized cartelry, the question of innovating becomes one of "how long do I have to wait to get this knucklehead out of the picture so I can build on common sense without inviting a bunch of lawyers into my life."
I can assure you. Legal issues for the everyday person is more than a generous reason not to try to push forward the state of the art, because for every guy that gets it right, there's someone who gets stomped on too.
Though, thank you, Temporal, and know you are not just shouting into the wind. I do hear and understand what you mean on the color as applied through the lenses of legalistic reasoning. I just object that the direction the legal profession is starting from were sound in the first place, and while I know that answer yields "Go talk to Congress", it's nice to occasionally have someone throw things at to see how they hold up when exposed to ration scrutiny.
So thank you.even if this seems like an inconsequential Internet argument, I appreciate it.
What about the words "with the authority of the copyright owner"? Nothing about doing it manually via Chrome's Network Tools or the Firefox or MS equivalent involves the authority of the video copyrightholder. So to me it doesn't seem within the legal definition.
Thanks for the response and interesting site to have a browse of rather than just dropping a "That's not how law works."! Pedantic was the wrong word to hinge my comment on.
That article the most enlightening things about law in general, and IP laws in particular, that I've ever read, so I'm always eager to remind HN about it :).
I've seen lots of words being wasted here and elsewhere in debates around piracy, copyright and patents, that essentially boil down to not understanding that, from the point of view of the law, bits have colour, and that colour is of paramount importance.
Absence of button not a "technological measure". Otherwise any browser having "view source" is a copyright violation tool - no site has "view source" button, and site code is certainly copyrightable material, so any browser - and in fact any text-mode HTTP client - that allows to view source is a "circumvention" tool.
No, but the various technological measures that Google uses to make it difficult to download a user copy of the video file, to the point where the compilation and use of an external tool is the easiest option, definitely are.
Seriously, youtube makes it more of a pain in the ass to download a plain video file than basically any other site on the web. You can't just view-source and get it, and you can't even nab the file from the event timeline like you can most sites that obfuscate that.
Like it or not, youtube-dl is popular in part because it does circumvent a lot of measures that youtube intentionally puts in place.
> but the various technological measures that Google uses to make it difficult to download a user copy
Which measures are those?
> to the point where the compilation and use of an external tool is the easiest option
Browser is the easiest way to do HTTP too, but one probably shouldn't claim HTTP is a technical measure to prevent using the Web (though some may be tempted to say so after a long day of debugging... ;)
> Like it or not, youtube-dl is popular in part because it does circumvent a lot of measures that youtube intentionally puts in place.
The only times I've used it was to download some lectures which were freely available to watch them over a long flight and a trip in places where network sucks. Surely, there are a lot of people who probably use it to download some RIAA-tainted crap, but it's not the only use, and the tool still would be useful if all RIAA stuff vanished from existence.
This is correct; the most common commit to the youtube-dl repo is fixing the js decoding that YT changes regularly to prevent eaxctly this type of access.
Obfuscation is clearly an accepted technological approach to security and control, if not always a good or effective one.
> You don't have to be technically correct, you have to be legally correct. It's like technically correct only it's way more pedantic
That's not how the law works. Legally correct is much less pedantic than technically correct. The difference is that legally correct often takes millions of dollars to ascertain.
I use youtube-dl all the time, and never illegally. Most of the content is CC-licensed educational content, and the major use is working in contexts without guaranteed bandwidth.
Browsers are not the only user agent out there, and that's not an active measure to prevent downloading, that's a decision not to implement a particular functionality.
There are also reasons that aren't infringing to grab your own uploaded YouTube content. Maybe you switched to another computer and left your portable drive at home. You have the right to access copies for personal use.
That they had the nerve to go for the tool is yet another extension of the war on first sale, and buyer freedom. Also, the people who made youtube-dl are not committing copyright infringement.
There are a lot of arguments against this counter example, including the fact that the browser does not facilitate you getting access in any other way than originally intended (legal) and it honors the caching policy defined for the resource (technical)
I would counter argue that if you are able to use youtube-dl you can explore the cache
The opposite cannot be taken for granted
But usually someone with very little technical knowledge can find files on their hard disks
It requires more than that to be able to run youtube-dl from the shell
The technical argument is even weaker, there are dozens of browser extensions that inject a "download video" button in video on demand websites
Video downloader professional has over 230k users, it can't download YouTube videos anymore because Chrome blocked it, because Chrome and YouTube are Google's and they don't care if you download videos, they only care about their videos, that show their ads, that make their money
youtube-dl serves a niche, a tiny one
What RIAA is doing is scaring people off from even trying, because the truth is that the real money is on mobile where youtube-dl doesn't exists...
BTW youtube-dl is a f*ng good piece of software, it should be praised not blocked
The referenced german court ruling, which is probably "Schutzgesetzverletzung: Umgehung von wirksamen technischen Maßnahmen auf Streaming-Portalen zum Schutz urheberrechtlich geschützter Musikwerke durch Konvertierungssoftware" found that the signature cipher used by YouTube counts an effective TPM. The code in youtube-dl that bypasses this is `YoutubeIE._decrypt_signature` in youtube.py
Unfortunately the law defines access control VERY broadly. If they take any steps at all to make it difficult to download the source video then that is a technological measure to control access. There is no requirement that it be effective.
Ah, sorry, that was a confusing choice of words. In the law they are using "effective" to mean "has the effect of" not "works well."
In any event the entire phrase "effectively controls access to a work" is defined in the law so what the words mean in english is irrelevant.
Here it means anything that "requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work." Which I think we can all agree is very broad.
Ah, but it isn't the copyright owner putting it in place. YouTube is. Therefore, it's just a protocol quirk of speaking YouTube.
You can say it's a selling point meant to entice ordered an the pot for rightsholders, but frankly, there is nothing but bandwidth consumption, storage, and processing limits that keeps anyone from just fuzzing the CDN namespace.
Stop thinking keys to locks. YouTube isn't there for that. I can pull off the equivalent of driving a fleet of minivans up and walking out with copies of the drives if no one else is eating up the bandwidth for long enough.
If there weren't any technological measures preventing you from downloading and saving YouTube videos, then youtube-dl wouldn't exist. You would just download the video from YouTube yourself.
"Preventing" is not the same as failing to enable. As far as I know, there's nothing that youtube has implemented that prevents downloading. It is simply inconvenient as a result of not being the primary goal.
Unfortunately it's well established that accessing resources that, even if not protected what so ever, without permission is illegal. YT's policy T&S on how and when you can consume it satisfies this.
I believe in the youtube-dl case allowing you to consume videos outside of the T&S is the crime and the automated scale is the punative factor.
IANAL and I don't agree with this; just responding to the parent statement of "You can't circumvent measures that don't exist"
As I understand it, there are two definitions of technological measure in the DMCA. One is in the anti-circumvention portion, the other in the anti-cirvumvention-tool portion. In the latter case:
17 U.S.C. Sec. 1201 (b)(2) (B):
a technological measure "effectively protects a right of a copyright owner under this title" if the measure, in the ordinary course of its operation, prevents, restricts, or otherwise limits the exercise of a right of a copyright owner under this title.
(A) to “circumvent protection afforded by a technological measure” means avoiding, bypassing, removing, deactivating, or otherwise impairing a technological measure; and
(B) a technological measure “effectively protects a right of a copyright owner under this title” if the measure, in the ordinary course of its operation, prevents, restricts, or otherwise limits the exercise of a right of a copyright owner under this title.
I don't believe the protections that youtube-dl works around qualify under the definition 1201(b)(2)(B) here, but I would definitely want to confer with a lawyer before posting a DMCA counterclaim.
I think youtube-dl failed 1201(a)(2)(C) and 1201(a)(2)(C) because of that README. Like I said, they should fix the README. However, I still consider it rotten that they would forcibly take down a project as big as youtube-dl because of something so innocuous.
A simple "cease and desist" against the youtube-dl project regarding their README examples almost certainly would have been sufficient. Instead, the RIAA took needlessly drastic measures with a DMCA takedown that paints RIAA as a poor defenseless victim from start to finish. This was not an attempt to right a minor copyright infringement, this was a public declaration from RIAA that they are aware of and object to the youtube-dl project.
This part of the DMCA takedown document is particularly rotten:
> The clear purpose of this source code is to (i) circumvent the technological protection measures used by authorized streaming services such as YouTube, and (ii) reproduce and distribute music videos and sound recordings owned by our member companies without authorization for such use.
Lawyers are not engineers. Corporate lawyers are mercenary thugs with assistants, expensive suits, and very very very high daily rates.
This is the kind of thing is that lawyers do, because this is what they're paid to do.
You cannot win this by simply saying "Hands off our code - this is outrageous" because that's not how the law works.
If you want to make an argument agains this you literally have to make it stand up in court, and that is not easy.
While lawyers are sometimes foul and shameless creatures, the engineering community does not seem to understand that it is not playing on its own turf here.
If you do not take the time to understand the rules of the game you will lose hard. In this case the RIAA could easily have sued for damages and loss of earnings - and it would probably win that case if it came to court, although someone in counsel probably argued (wisely) that it wouldn't be worth the Streisand Effect damage.
Reading (A) and (B), I cannot help but notice that it doesn't matter whether the primary purpose of the circumvention is to infringe copyright. It is enough that the software/service is primarily about circumventing the "technological measure".
The technological measure itself doesn't even have to be primarily about preventing copyright infringement. It suffices that it effectively controls access to relevant works, even if it's not its primary purpose.
We could even argue that YouTube's restriction are primarily a means of getting people back to YouTube, with copyright enforcement being only a secondary concern. Sadly, this argument would be irrelevant with respect to (A) and (B).
It does, "ordinary course of operation" means "the most obvious use" and they took the tool as circumventing, looking at the test cases that are intended to succeed in circumvention.
No, really, it doesn't. It just makes the RIAA's case that much easier, makes YouTube-DL look bad. (A) and (B) above however are broader than that.
It doesn't matter that the technological measure is primarily about restricting access to protected works. It only matters that it effectively does restrict that access.
It wouldn't even matter if Youtub-DL is only used to access public domain videos, because their primary mode of operation would still be to circumvent the technological measure (assuming that measure restrict access to all works, not just the protected ones).
A "new" tool branded as a way to download public domain videos hosted on various web sites such as YouTube, (let's call it "Public Domain Tubes Archiver"), would still infringe on (A) and (B) if downloading those public domain videos primarily involved going around a technological measure that happens to restrict access to (unrelated) protected works.
The RIAA had a hard time too until the EU wrote the shitty laws their entire argument is based on (though what relevance those have to the DMCA is anyone's guess).
> Let's issue a takedown for the GNU Project while we're at it because I could use wget to do the same thing. In fact, I could write my own program to illegally download content, so we better just get rid of computers altogether.
I think the argument here is that explicitly, you can't with wget. youtube-dl specifically has circumventions for access controls for things like encrypted HLS, YouTube's ciphered player, etc.
It could download instructions and coordinating communication for drug manufacturing, money laundering, and terrorism! Add them to pædo porn and you have the Four Horsemen of the Infopocalypse! https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...
Why stop there? Telnet can be used. Or what about wireshark? Let's ban those too. While we're at it, C++ can be used and other programming languages as well. We could keep going.
Digital Audio Tape DAT -- they tried REALLY hard to keep this technology out of the US market. Eventually they got a the authorities to impose a surcharge per blank DAT tape for 'lost income'.
Writable CDs came soon after which was probably going to kill DAT market no matter what.
Since the original version of DDS tape is basically just DAT tapes being used to store computer data, many of the commercially-available DDS drives could be re-flashed to allow them to read DAT as well. (Re-flashing was necessary to remove the software restriction that otherwise recognised DAT tapes and refused to read them).
I'm not going to post any links, but there's plenty of info online.
Even if we restrict the target set to "tools with a high likelyhood of being used for an illegal purpose" which I believe youtube-dl belongs in, when is the RIAA going after "guns"?
If you sell a "murderizer 3000" and explain in the owner's manual how to inflict a fatal wound and maybe also not leave any evidence behind it doesn't take a genius to argue you're selling a murder weapon, to murderers.
Right, that's my point. You can't make a tool called Youtube-dl with source controlled test cases that download copywritten material from Youtube and then claim it's not for downloading copywritten material from Youtube.
Why stop there? I can use my browser to illegally download content, so I guess we better issue a DMCA takedown that too. But who even needs a browser? Let's issue a takedown for the GNU Project while we're at it because I could use wget to do the same thing. In fact, I could write my own program to illegally download content, so we better just get rid of computers altogether.
Stop attacking useful tools just because they can be used to do bad things! Youtube-dl should obviously change their README to get rid of the copyright-infringing example, but this DMCA takedown is otherwise rotten from the core.