GitHub has removed the ability to access youtube-dl's source code due to a DMCA request by the RIAA

... The clear purpose of this source code is to (i) circumvent the technological protection measures used by authorized streaming services such as YouTube, and (ii) reproduce and distribute music videos and sound recordings owned by our member companies without authorization for such use. We note that the source code is described on GitHub as “a command-line program to download videos from and a few more sites.” ...

Micah F. Lee (EFF/The Intercept @micahflee

"RIAA blitz takes down 18 GitHub projects used for downloading YouTube videos"

HN discussion:


Reddit search:


Censorship, propaganda, surveillance, and targeted manipulation are inherent characteristics of monopoly:

RMS, "The Right to Read" (1997):

Remember that the RIAA is a bad-publicity-deflection cartel of its major members. These are:

Strategically / tactically, the most interesting aspect of the RIAA attack on youtube-dl to me is that it puts Microsoft on the spot to show its true colours. Is it Friend of Free Software, or Copyright Maximalist?

This isn't a DMCA takedown. It's a cease and desist letter citing the DMCA.*

The difference matters. GitHub is required to honor DMCA takedowns. Other legal requests are granted on a case by case basis.*

-- /u/telionn @ reddit

As I understand, takedown is a 17 USC 512 (copyright infringement) safe-harbour, but not a required or indemnifying protection under 17 USC 1201, anti-circumvention:

Lumen (Chilling Effects) is silent on this point in their FAQ:


The ZDNet reports this is part of a larger action:

"RIAA blitz takes down 18 GitHub projects used for downloading YouTube videos"

and isn't a DMCA 512 takedown:

Although GitHub classified the RIAA letter as a DMCA takedown request, it is not one. As Public Knowledge Legal Director John Bergmayer pointed out today on Twitter, RIAA isn't alleging the library infringed on its rights, but that the library is illegal in itself.

This isn’t really a DMCA request. I don’t see an assertion that youtube-dl is an infringing work. Rather the claim is that it’s illegal per se

— John Bergmayer (@bergmayer) October 23, 2020

The more I look at the RIAA's complaint, the stranger it seems.

I'm not even sure that the RIAA has standing to sue or could demonstrate injury:

  • The claimed anti-circ method is not the RIAA's, it is Google's (via YouTube).
  • As a user agent, youtube-dl is simple an alternate Web access method which runs code from the YouTube website as a necessary part of the process of accessing and playing content ... meant to be accessed and downloaded.
  • Youtube-dl has substantial non-infringing use. 17 USC 1201(a)(2)(B)

See 17 USC 1203: Civil remedies:

Parker Higgens (Freedom of Press) DMCA 512 vs. 1201 analysis. Crux:

By contrast, the RIAA letter is not a “takedown notice” exactly. It seems to basically assert that youtube-dl violates DMCA §1201, which regulates tools for circumventing “technical measures” controlling copyright. Here's the relevant portion of the law:

The RIAA’s fraudulent attack on youtube-dl is not a DMCA §512 infringement/safe-harbour, and the reality is weird

TL;DR: This is not a 17 USC 512 infringement/safe-harbour, RIAA’s standing is highly questionable, it is threatening a member for an averred nonmember’s §1201 injury, any actual works duplication is not performed by youtube-dl’s developers directly, nor is the work itself or its test suite an infringement of RIAA / members copyrights, and numerous defences exist for routine use or incidental transmission or copies made by developers, hosting services,or others. Further, youtube-dl, digital and information liberties groups, Microsoft, and Google/Youtube should fight the RIAA’s claim.

You're right, but anyone who expected anything but a reflexive takedown for a copyright request from a big corp hasn't been paying attention.

It's infinitely more convenient for these hosting corps to keel over to the first legal notice over third party content, and I think you'd gain more insight into behaviours looking at when they don't roll over vs when they do.

@polyphonic @dredmorbius it’s a DMCA notice. they have to take it down, it’s the law, not an ethical decision they have to make case by case. it’s how DMCA works. what sites like github get in exchange is to not be held legally/editorially responsible for any of the random shit their users post.

@polyphonic @dredmorbius there’s a way that DMCA works. the first notice, the site *has* to take the content down, regardless of its merits. then the content owner can dispute the notice as illegitimate, which in this case, it is since the code contains no copyrighted materials, and circumvention tools aren’t covered by the DMCA.

@polyphonic @dredmorbius so the counternotice, the contenr has to stay down for 10 days, the site— has to put the content back up. again, regardless of its merits, and in those 10 days, the RIAA has to declare their intent to actually sue, or the content just goes back up, the end.

@polyphonic @dredmorbius rather, circumvention tools *are* covered by the DMCA but not by the notice/counternotice stuff which is supposed to be for actual content. The RIAA is misusing DMCA notices and therefore faces a potential penalty

@polyphonic @dredmorbius there is no part of any of this process where microsoft or github are legally able to assert any ethical stance on any of it. it’s purely mechanical laws

@polyphonic @dredmorbius the instant microsoft does become involved and assert any ethical stance on things like this, that changes github’s legal category from being a carrier to being a publisher, and that is something nobody should want to happen

@polyphonic @dredmorbius in the real world, misuses of the DMCA don’t get penalised, so corporations tend to promiscuously file them as a bullying tactic, to get people to fold so they don’t have to bother paying for a real lawsuit, which is what the RIAA legally should be doing instead.

@polyphonic @dredmorbius again, microsoft and github are not involved in any of this. that is the bargain we made in exchange for having websites that allow users to post things.

@zens @dredmorbius
Thank you for clarifying my suspicion. I was hazy on the legal weight of a dmca notice (not american, but follow as best I can)

Microsoft/github are largely bystanders here.

Not to give them any credit, they are bad actors in many other ways, but not here.

@dredmorbius well given that it isn’t a dmca notice and the prior distinctions. it’ll be interesting to see how microsoft responds.

though i will admit, i think the view of corporations ethical responsibilities being similar to individuals’ is naive- generally- not mentioning this as a specific criticism of anyone here.

corporations are sort of legally and ethically obliged to act like antisocial psychopaths, even when they’re made of reasonable ethical people

@zens This is precisely why the strategic aspect is so interesting.

I absolutely expect Microsoft to decide and act based on its assessment of long-term direct benefit. And that question, vis-a-vis copyright, and specifically 17 USC 1201 anti-circumvention, is very much in question.

Ethics plays a minor role.

@zens Though true, this is a de facto and not de jure distinction. Law isn't the issue, risk is.

Microsoft are well-capitalised. They also exited the music biz in 2017:


@zens Incorrect. Safe-harbour provisions (512), which do not apply in this action (1201), would be lost in the specific action.

Q: Does a service provider have to follow the safe harbor procedures?

A: No. An ISP may choose not to follow the DMCA takedown process, and do without the safe harbor. If it would not be liable under pre-DMCA copyright law (for example, because it is not contributorily or vicariously liable, or because there is no underlying copyright infringement), it can still raise those same defenses if it is sued.


@dredmorbius @zens
This is an interesting distinction I'm not super familiar with.

It still seems to me github has nothing to gain by resisting, whether it's a technically legal stance they can take or not.

Microsoft does not benefit from taking a stand here. Companies only care about ethics when it helps them. This is exactly what anyone looking at history should expect.

@dredmorbius @polyphonic i suspect that microsoft primarily wanted to acquire electron and atom, with github itself being kind of a secondary concern. but i have nothing in particular to back that up other than a feeling

@dredmorbius @polyphonic and kind of watching them not doing a fuck of a lot with github in particular while at the same time already being halfway through making electron and atom into the new official native windows platform api at the time they bought github

@dredmorbius @zens
I wouldn't be shocked if they siphoned devs off onto other projects and left the husk to run itself tbh

@polyphonic I believe there've been corporate challenges, though I don't have reference to any offhand.

@dredmorbius Also interesting: Given they're now arguing that YouTube is DRM, did they need to get the W3C to standardize EME?

@dredmorbius Seeing them cite DMCA 1201 against YouTube downloaders which I can watch without using EME or other plugins, leaves me questioning where the lines are being drawn on what qualifies as DRM.

I guess this highlights that DRM is really a legal construct masquarading as a technological one!

@dredmorbius "Encrypted Media Extensions", it's a somewhat recent & controversial Recommendation from the W3C that allows websites to stream audio & video through non-standard "Content Decryption Modules" (DRM) like Google Widevine & Apple Fairplay.


DRM is really a legal construct masquarading as a technological one!

Yes, this, exactly.

@dredmorbius @micahflee What it is is bullshit. We've used youtube-dl for archiving BLM activism videos before and this takedown/request is directly affecting projects that support democracy and expression.

@dredmorbius @micahflee Besides from practically all YouTubers using it to make backups of their videos in case they lose an original file

@thomasfuchs @dredmorbius @micahflee
It is objectively bullshit. youtube-dl is not helping circumvent "effective technological measures". It can extract the links to the streams from webpages. It can not break DRM.

Anyone could find those links by opening the built-in network inspector of a browser and run ffmpeg -i <url> -map 0 -c copy stream.ts

It's clearly a case for the EFF.

@smpl @thomasfuchs @dredmorbius @micahflee But they're citing that german courts consider YouTube to be DRM. Still doesn't necessarily apply to the US...

Remember: DRM is a legal construct masquarading as a technological one!

@alcinnz @thomasfuchs @dredmorbius @micahflee

It's easy to understand why they chose not to cite a finnish court ruling from 2007, who said this about a real DRM protection, CSS (DVD).

"CSS protection can no longer be considered an effective technological measure referred to in the law. A consequence of this is that the constituent elements of a misdemeanour of violating a technological measure are not fulfilled. Therefore the charge must be dismissed."

@dredmorbius @micahflee I still think that the maintainers of youtube-dl should tell the DMCA to take that letter and shove it up their ass.

@Ertain The useful waay to do so should have both legal and economic teeth.

@dredmorbius it's a smart play going at GitHub/Microsoft. If there's no takedown the RIAA can sue (a weak suit that would likely lose, but would cost Microsoft money to defend). By taking down the repos Youtube-dl cannot sue. Github dodges any legal issue by just caving to a "good faith" speculative notice. The repos can move to a self hosted domain on any number of git platforms and we can wait for a follow up RIAA takedown that's aimed more directly at the maintainers and which can be properly defended.

@dredmorbius @micahflee I jist installed gogs in docker for myself to prepare it to self host... no github for me.. i will miss the cat logo tough

@dredmorbius I like this comment:

On this story, I've been finding myself saying "the RIAA might have a case, but only due to a law I absolutely oppose!"

Really, I don't think we should be putting all our eggs in one basket. All our videos on YouTube. All our code on GitHub. If you're worried about this take down, moving off GitHub & YouTube is probably the best thing you can do!


Agreed -- and PeerTube is a thing -- but YouTube remains the largest library of publicly-accessible videos in the known universe, which is not a resource we should surrender lightly.


@woozle @dredmorbius My attitude is that we want the video creators to surrender it rather than the viewers. Convince them to post their videos elsewhere instead of or in addition to YouTube.

Ideally it won't matter where they post it!

Personally I find it convenient to upload the occasional video to my home static webserver...

Sign in to participate in the conversation

On the internet, everyone knows you're a cat — and that's totally okay.