Is youtube-dl takedown due to their tests which use copyrighted content?

Question

The DMCA takedown notice posted on GitHub's youtube-dl page seems to be primarily based on the fact that youtube-dl is expressly advertised as a tool to "circumvent the technological protection measures used by authorized streaming services", to the point that the test cases consist in downloads of videos copyrighted by WMG and Sony Music:

Indeed, the comments in the youtube-dl source code make clear that the source code was designed and is marketed for the purpose of circumventing YouTube’s technological measures to enable unauthorized access to our member’s copyrighted works, and to make unauthorized copies and distributions thereof: they identify our member’s works, they note that the works are VEVO videos (virtually all of which are owned by our member companies), they acknowledge the those works are licensed to YouTube under the YouTube standard license, and they use those examples in the source code to describe how to obtain unauthorized access to copies of our members’ works.

Is this really the crux of the problem? That is, if youtube-dl developers removed problematic test cases, comments and links to copyrighted videos, would the project become compliant with the Section 1201 of the DMCA? Or is the real problem that youtube-dl implements the "rolling cipher" used by YouTube to protect their content?

Answer 1

The takedown action is a little sketchy. The law regarding takedown notices and host liability is here. The notice includes "Identification of the copyrighted work claimed to have been infringed", a "signature of a person authorized to act on behalf of the owner of an exclusive right that is allegedly infringed", and a statement that "the complaining party has a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law". These things are present in the notice, for which reason the items were taken down.

The complaint states that

The clear purpose of this source code is to (i) circumvent the technological protection measures used by authorized streaming services such as YouTube, and (ii) reproduce and distribute music videos and sound recordings owned by our member companies without authorization for such use. We note that the source code is described on GitHub as “a command-line program to download videos from YouTube.com and a few more sites.”

and

the source code expressly suggests its use to copy and/or distribute the following copyrighted works owned by our member companies:

Icona Pop – I Love It (feat. Charli XCX) [Official Video], owned by Warner Music Group Justin Timberlake – Tunnel Vision (Explicit), owned by Sony Music Group Taylor Swift – Shake it Off, owned/exclusively licensed by Universal Music Group

Complainants are "confused" about actual infringement (which is prohibited by copyright law), and creating a method for infringing copyright. Under DMCA and US copyright law, copying is infringing, programming is not infringing. The complaint does not clearly allege unauthorized copying of another person's intellectual property, and their complaint is based on the theory that certain programming actions constitute copyright infringement. I don't actually think they are confused, I think they are testing the boundaries.

Github has no reasonable options but to comply; the authors have the option of filing a counter-notice; then RIAA has the option of claiming that they have filed a copyright infringement lawsuit. If they do, the material remains taken down and the courts sort it out if a lawsuit is actually filed. There is minimal burden on the complainant to reign-in over-zealous takedown notice practices: Lenz v. Universal Music finds that complainants must give good faith consideration to a fair use defense.

17 USC 1201(a)(1)(A) states that

No person shall circumvent a technological measure that effectively controls access to a work protected under this title.

Let's assume that the removed material does circumvent a technological measure protecting a work. This is a separate offense in Title 17. 17 USC 501(a) defines infringement of copyright, saying

Anyone who violates any of the exclusive rights of the copyright owner as provided by sections 106 through 122 or of the author as provided in section 106A(a), or who imports copies or phonorecords into the United States in violation of section 602, is an infringer of the copyright or right of the author

Production of an anti-circumvention technology is not included in those sections: on a plain reading of the law, this is not infringement.

To summarize the legal dance at issue: RIAA has taken the first legal step in alleging infringement, and Github has taken the material down because Github does not get to decide what the courts would conclude. Let's assume the authors file a counter-notice stating that there is no infringement; then, equally, let's assume that RIAA states that they files a lawsuit. Github will leave the material down. Let's also assume that RIAA actually files suit. Under the prior assumption that the material violates 17 USC 1201(a)(1)(A) which seems likely, the authors could be slapped for being in violation: but they would not have been in violation of §106-122. What recourse would the authors have for RIAA's misuse of the term "infringe", and against whom? Nothing against Github: the service provider does not get to decide the merits of the case. Perhaps RIAA. From Lenz supra,

If an entity abuses the DMCA, it may be subject to liability under § 512(f). That section provides: “Any person who knowingly materially misrepresents under this section—(1) that material or activity is infringing, or (2) that material or activity was removed or disabled by mistake or misidentification, shall be liable for any damages․” Id. § 512(f). Subsection (1) generally applies to copyright holders and subsection (2) generally applies to users. Only subsection (1) is at issue here.

The court said that

We must next determine if a genuine issue of material fact exists as to whether Universal knowingly misrepresented that it had formed a good faith belief the video did not constitute fair use. This inquiry lies not in whether a court would adjudge the video as a fair use, but whether Universal formed a good faith belief that it was not. Contrary to the district court's holding, Lenz may proceed under an actual knowledge theory, but not under a willful blindness theory.

Perhaps the authors can prove actual knowledge. The Lenz reasoning on this point (§IV C) is rather contorted.

Answer 2

The takedown request states:

• A list of youtube-dl forks to take down (uninteresting)

The clear purpose of this source code is to (i) circumvent the technological protection measures used by authorized streaming services such as YouTube, and (ii) reproduce and distribute music videos and sound recordings owned by our member companies without authorization for such use. We note that the source code is described on GitHub as “a command-line program to download videos from YouTube.com and a few more sites.”1

This seems purposely false.

As for (i) IMHO the clear purpose of the source code is to download videos from youtube (and other services). I wouldn't even consider YouTube a "streaming service". I would consider youtube-dl to be centered on downloading the files that people upload. In fact, youtube-dl repository goes back to July 2008. YouTube started testing live streams in 2009, rolled out live streaming in April 2011 and wasn't opened to the general public until 2013 (Source).

And for (ii), it seems narcissist to consider that youtube-dl was made just for videos and sound recordings owned by their member companies without authorization. It's not like YouTube only had RIAA content, precisely.

We also note that the source code prominently includes as sample uses of the source code the downloading of copies of our members’ copyrighted sound recordings and music videos, as noted in Exhibit A hereto. For example, as shown on Exhibit A, the source code expressly suggests its use to copy and/or distribute the following copyrighted works owned by our member companies: (...)

Not at all. They are included as tests for the features, not as "sample uses". It doesn't even include a command line on how to download them. Those are date in json format (a list of dictionaries) which are assigned to a variable named _TESTS. That can hardly be construed as suggesting the use of the program to copy or distribute those videos. In fact, what it might have produced is to artificially raise the view count of those videos by their members, as they would be downloaded automatically when running the tests by GitHub testing architecture (or manually by the developers themselves), without the vedeos really been seen.

The source code notes that the Icona Pop work identified above is under the YouTube Standard license, which expressly restricts access to copyrighted works only for streaming on YouTube and prohibits their further reproduction or distribution without consent of the copyright owner; that the Justin Timberlake work identified above is under an additional age protection identifier; and that the request for the Taylor Swift work identified above is to obtain, without authorization of the copyright owner or YouTube, an M4A audio file from the audiovisual work in question.

The tests want to ensure that the code is able to download

• Normal videos ('note': 'Test generic use_cipher_signature video (#897)')
• Videos with an age limit ('note': 'Test VEVO video with age protection (#956)')
• And the comment on Taylor Swift video (JS player signature function name containing $) actually seems like a bug that was detected related to that video, so it was included to ensure it didn't reappear. (issue 4706, "Looks like Google switched to a new JS compiler that includes dollar signs in function names.")

We have a good faith belief that this activity is not authorized by the copyright owner, its agent, or the law. We assert that the information in this notification is accurate, based upon the data available to us.

This is probably a boilerplate text, but what appears before is not really a content infringing on their members copyright. It might be that Icona Pop, Justin Timberlake and Taylor Swift would be upset that youtube-dl developers ensured that their videos could be viewed properly, though.

Anticircumvention Violation. We also note that the provision or trafficking of the source code violates 17 USC §§1201(a)(2) and 1201(b)(1). The source code is a technology primarily designed or produced for the purpose of, and marketed for, circumventing a technological measure that effectively controls access to copyrighted sound recordings on YouTube, including copyrighted sound recordings owned by our members. For further context, please see the attached court decision from the Hamburg Regional Court that describes the technological measure at issue (known as YouTube’s “rolling cipher”), and the court’s determination that the technology employed by YouTube is an effective technical measure within the meaning of EU and German law, which is materially identical to Title 17 U.S.C. §1201 of the United States Code. The court further determined that the service at issue in that case unlawfully circumvented YouTube’s rolling cipher technical protection measure.2 The youtube-dl source code functions in a manner essentially identical to the service at issue in the Hamburg Regional Court decision. As there, the youtube-dl source code available on Github (which is the subject of this notice) circumvents YouTube’s rolling cipher to gain unauthorized access to copyrighted audio files, in violation of YouTube’s express terms of service,3 and in plain violation of Section 1201 of the Digital Millennium Copyright Act, 17 U.S.C. §1201.

Actually, and without having digged into those decisions, I see more value on the claim that youtube-dl is infringing DMCA based on the that it is circumventing the technological measure of the rolling cipher. Exclusively, as I see no basis for the prior statements.

Indeed, the comments in the youtube-dl source code make clear that the source code was designed and is marketed for the purpose of circumventing YouTube’s technological measures to enable unauthorized access to our member’s copyrighted works, and to make unauthorized copies and distributions thereof:

However, they are not including such clear comments as evidence. Plus again, it's egoistic to claim that it was done to get access for their members works.

they identify our member’s works, they note that the works are VEVO videos (virtually all of which are owned by our member companies), they acknowledge the those works are licensed to YouTube under the YouTube standard license, and they use those examples in the source code to describe how to obtain unauthorized access to copies of our members’ works.

Again, those are not examples but tests. Apparently, the developers simply included existing videos in their tests to check that it was working correctly. It would have been preferable that they used their own test videos (as they also did at times). Just above the entry of Icona Pop, there is one for youtube-dl test video "'/\ä↭𝕐, so following the RIAA rationale, the purpose of youtube-dl developers would be that people copy and distribute such video, instead of ensuring that videos with special characters in their description are handled correctly.

In light of the above noted copyright infringements and anticircumvention violations, we ask that you immediately take down and disable access to the youtube-dl source code at all of its locations where it is hosted on GitHub, including without limitation those locations in the representative list set forth above. etc.

---

RIAA and good faith

It's also interesting to note that the RIAA members content is so tangential that had RIAA reached youtube-dl requesting them to be removed from the list of tests, rather than directly sending a DMCA takedown, I'm quite sure they would have happily complied, since those entries are clearly not for what RIAA claims.

The takedown request is also overly ample, by targetting the whole repository, whereas it could have targeted instead only the file https://github.com/ytdl-org/youtube-dl/extractor/youtube.py which seems to be the one they are angry with. This is just one of the 766 files on the extractor folder.

My usage of youtube-dl

Finally, since they seem to be demonizing youtube-dl, let me clarify my stance. Yes, I have used youtube-dl in the past. Last one was 6 months ago. It had absolutely no relationship with VEVO, RIAA or music companies.

In fact, I have been in the situation where downloading then viewing was the only recourse to watch certain videos, as the web interface of the platform didn't work on the user browser, required obnoxious steps or simply, was constantly being stopped due to low bandwidth, to the point of making it impossible to watch.

So much for the "clear purpose" of youtube-dl to infringe upon RIAA member companies.

Answer 3

November 16 2020 - GitHub today reinstated the youtube-dl open-source project. Electronic Frontier Foundation lawyers explained in a letter that Google does not have any technical measures in place to prevent the download of its videos -- all of which need to be made freely available to all kinds of apps, browsers, smart TVs, and more. Hence, EFF lawyers argued that the YTDL library could never be taken down under Section 1201 of the DMCA since the library doesn't actually circumvent any sort of copyright protection system in the first place.