On behalf of everyone who has benefited from the precedent, thanks for fighting it! The EFF helped me with a DMCA abuse that threatened to escalate a few years ago and cited that case in the response.
It isn't legal but USA has an interesting (as in the curse "may you live in interesting times") legal system where this is rampant and no one will ever be punished for it.
Companies use it to hide criticism (VW with emission, game developers with reviews, etc.) and YouTube is full of whining on their idiotic quasi-DMCA process where companies can claim and then take down or monetize content they don't own (Kevin MacLeod's royalty free music, public domain music, static noise, game reviews that conain gameplay and are negative, etc.) and you have to dispute it and provide your real life details to Google as if they are a court to make it go away.
Someone needs to inform EFF, this sets an important precedent:
Having to alter your software because it references a domain makes it dependent on all data being in line with DMCA requirements interpreted by the copyright holders(that is you can't use your software without complying with terms of domain owner). It transforms control of web experience.
Imagine that a domain owner requests you mine some cryptocurrency to load his website and any browser that doesn't send him proof of mining is illegal(in reality this can be done with mandatory JavaScript and cookies checked on server for hash matches) due "access control" portion of DMCA.
Most software makers can't afford to ignore DMCA or fight it.
That would be a very odd interpretation of that phrase --- because when one usually thinks of "access control" and the DMCA, circumvention is about allowing access to copyrighted work. Adblocking is essentially all about disallowing access.
But if that interpretation does hold up in the courts, it could lead to a very slippery slope where it becomes illegal to refuse to consume specific content. The equivalent of not being able to change the channel on the TV or go do something else when the adverts start, or even... just close one's eyes and ears.
If I understood it correctly, that article is about anti-adblock, which denies access if you have an adblock. That is, the DMCA wouldn't apply to adblock, but would apply to anti-anti-adblock.
Yes, it does seem like a bizarre legal theory, since a simpler way to bypass the anti-adblock would be to disable the adblock. That is, it would be a DMCA violation to not block ads, since by not blocking ads you're bypassing the anti-adblock and watching the content!
I really don't see what's preventing a site from saying, "in order to use this site you must turn off all forms of content filtering" and have that be enforced by a court.
I could see ad blocking spun as an unauthorized derivative work.
I am a lawyer, and "circumvention of access control" means defeating DRM measures, like when you rip a CD or DVD to make a copy on your computer. Someone would have to really torture their reading of the law to come up with "writing down a domain from which ads are served is prohibited by the DMCA."
It's the part that says "impairing a technological measure without the authority of the copyright owner" that I wonder if they're testing. I agree with you, it's still a stretch (how can the list itself be a violation? it is speech)
"...Prohibited acts therefore include descrambling a scrambled work, decrypting an encrypted work, or otherwise avoiding, bypassing, removing, deactivating or impairing a technological measure without the authority of the copyright owner..."
It likely wasn't functionalclam.com itself that filed the request. Rather, the owner of a site that uses some ad tech hosted there is likely claiming that EasyList is aiding in the impairment of a technological measure they implemented, which according to this interpretation, is a violation of the DMCA.
It would likely be an interesting court battle, but apparently isn't one that the EasyList folks are willing to defend at the moment.
Anyone can send you a scary letter claiming anything at any time. Your choices are always A. Ignore it B. Delete your comment or C. Pay a lawyer $500/hour for advice.
People have trouble conceptualizing small probabilities, so that minimum threshold of choosing A and being wrong times "all the money in the world"[1] might be > $500, so it's always rational[2] to delete your comment if you don't want to schedule time with a lawyer.
So in other words, scary letters work because they're scary and make people scared. Sounds like the more people choose C the more these scary letters become self-fulfilling.
Some people use the term "DMCA" for informal takedown requests. We need to see the actual form or at least get a definitive "yes, it was an actual DMCA" before speculating.
The EasyList filter lists are sets of rules originally designed for Adblock that automatically remove unwanted content from the internet, including annoying adverts, bothersome banners and troublesome tracking.
IANAL: Seems to me like EasyList would have a fair-use defense here, beyond the fact that I'm pretty sure you can't copyright a domain name (trademark is a different story). They created a curated, novel work using the domain, or they are making commentary on the domain like in a news story (the commentary here being that this domain serves ads).
Could you please elaborate where it mentions that it is used a tracking domain? Because I can read, and I don't read anything like this.
It does mention it records metrics to help understanding and authorising access to their site and copyrighted content. Afaik this is called logging; not tracking.
Maybe, just a suggestion, also monitor the list of urls you provide. So many are no longer existing... Maybe if you want to provide this service, try to keep a certain quality.
That includes not listing things willy nilly because YOU think there is proper reason. At some point there will be a party that will call your efforts, in case you keep listing things without proof/reason, defamation or libel...
I do monitor the list. A script runs weekly that checks the validity of hosts in the list, and removes them after a number of failed checks. You can see failed checks in the details of a specific entry (eg: https://pgl.yoyo.org/adservers/details.php?hostname=addealin...).
So you would favour blocking all sites and services that do any logging? I suggest you cancel your ISP membership if you really don't want to be logged anywhere.
Basically any sane site owner/operator logs access request to his or her site. Certain security policies like PCI also force parties in payment industry to log everything. Why then don't block PayPal? All credit card processors? If you think logging is the same as tracking.
At least then be consistent about it.
Though this was just a shameless plug by that blocklist operator. The url was the topic, he shows that he is is 'bad ass' and just lists it because it was removed at another party via DMCA (claimed by OP). Then says the site EXPLICITLY mentions it does tracking, while it doesn't show this at all.
Those blacklists have a very few unique parties that actually properly collect and maintain a list of urls. The rest just copies the others. Parties like pi-hole etc don't contribute anything, but integrate and copy years old blacklists of each other and then claim to be some internet saviour. If you really care about the connections you have outgoing, use proper egress filtering. (little snitch like apps e.g.) This way you will filter everything, and not just the list of urls that are known by those list maintainers.
If i was that party i'd consider legal actions. And dont read 'i say it doesnt do tracking', i say it doesnt mention it at all on the site, something the blacklist operator does claim. I prefer people have proper proof before claiming something and blacklisting a party.
As with any issue of security and privacy, there are tradeoffs.
> So you would favour blocking all sites and services that do any logging?
I make an effort to block as many as I can without breaking the page I'm trying to visit, yes. Usually this means having umatrix block about half the requests from a site.
> If you think logging is the same as tracking.
Logging by an analytics company, yes. And I do block those; Google is the most common, but this one counts.
> Parties like pi-hole etc don't contribute anything
Still my point about the reason for the operator to list the url stands. There is no evidence on that page that says its used in such way, and thats' what reason is mentioned for listing it. And i think that's bad. If he had some proof of network traffic etc, showing tracking via this url, you would not see a comment by me. But stating they explicitly mention something, and its not there... Again could still be used for tracking.. but it certainly doesn't say so.
Usability, thats another topic indeed :) usability, should NEVER compromise quality!
And over years of dealing with many of them, i cannot give them any credit for their quality. Certainly not when i realised, found out, there are only a handful of 'original' source lists. And the rest 95% just blindly copies and appends from others, and never bother to revalidate their own list.
Regardless, this seems to become an endless loop, so lets exit() and i wish all a nice weekend!
I see no reason why that solution would not work, however, the overhead- looping all domains/elements, hashing them, then doing a key->value lookup- might not be worth the processing power. Good solution and worth looking into though!
Storing hashes in source repo would make it very hard to manage and I am not sure if processing raw names into hashes as part of build would be any help against such DMCA request.
A quick glance at robtex suggests one would probably be safe to block the IP address: 104.198.107.72
Below are some of the other whimsical domains listed as pointing to this address.
Whether we send one of the names below in our Host: header or some randomly chosen name, we still get the same response, devoid of any content, except an <img> tag to track the user.
It doesn't matter. Easylist does not have a registered dmca agent and is not eligible for dmca protection regardless of their response to dmca formated takedown requests.
I don't know if the Streisand Effect is going to happen with this one, but it seems very odd that the DMCA could even be applicable here.
Edit: https://www.copyright.gov/help/faq/faq-protect.html#domain
Can I copyright my domain name?
Copyright law does not protect domain names.