Here's How We Use DMCA to Fight Nonconsensual Pornography
After almost 25 years, it might be time to readdress copyright law.
Hello hello! Happy MLK Day! We’ve decided to move our publication date to Monday so you can receive your hatemail right at the start of the work week!
We are also considering moving our newsletter to Revue, Twitter’s alternative to Substack. You can check out what that might look like here. Please do contact us if you have any strong opinions on this.
As always, you can reach out to us at firstname.lastname@example.org for comments, feedback, or questions. Cheers!
— The LaBac Collective
Controversial DMCA Back in the Spotlight
After a wave of Twitch bans including some of Twitch’s top earners on the platform, notably, Hasan Piker (HasanAbi) #13 at $2.8 million and Imane Anys (pokimane) #39 at $1.5 million) as purportedly leaked by Twitch, folks are talking about the Digital Millennium Copyright Act (DMCA).
Twitch streamers have been struggling with DMCA strikes and bans for a while now, which can also be witnessed on other platforms including YouTube and in stranger places too (tractor hacking and the Right to Repair fights, Ticketmaster suing RMG over ticket scalping via DMCA, Volkswagen stifling legitimate researchers looking into hidden code via DMCA, the 2001 arrest of Russian programmer Dmitry Sklyarov at the DEFCON in Las Vegas via DMCA claims). One might ask, how can a single act be used so widely in many different applications?
DMCA is a commitment passed by Congress in 1998 to comply with two treaties put forth by the World Intellectual Property Organization back in 1996. It’s a hefty piece of legislation that expanded protections for copyright holders and punishment for violations, while also simultaneously limiting the liability of hosting platforms when user content violates copyright law. And these limitations on platform liability are key.
In exchange for reducing company liability when users violate copyright law, lawmakers incentivized hosting companies to aggressively show good faith to DMCA, such as creating comprehensive takedown policies. This understanding was legally tested back in 2010 in a lawsuit between Viacom and YouTube. The decision in that case (YouTube won) actually better-secured liability protections for hosting platforms under the so-called “safe harbor” provisions of DMCA, which groups like the Electronic Frontier Foundation (EFF) have championed to combat the more information-restrictive components of DMCA.
Truth be told, LaBac reaps the benefits of these DMCA safe harbor provisions all the time. When we help remove sexual content that’s been nonconsensually posted on the internet, we take advantage of these DMCA-incentivized takedown policies around copyright images. And we stay alert to which companies are more compliant with victims’ takedown requests and which companies are more difficult to work with. (The Cyber Civil Rights Initiative’s Without My Consent project is one of our favorite takedown resources, which you can find here).
To be clear, we aren’t particularly interested in defending DMCA beyond how it benefits us and the people we work to help. After all, DMCA isn’t designed to help victims of nonconsensually posted porn; it’s designed to protect the intellectual property of corporations that largely benefit from strict copyright holding as opposed to individuals, small artistic creators, or content creators (YouTubers, TikTokkers, Twitch streamers, etc.). And we are also well aware of the many other ways that DMCA has been bad for information sharing. But for now, this strategy of co-opting intellectual property law has become an important tool in the fight against cyber sexual harassment… and we’d like to continue using it while we can.
What we’ve also learned from doing this work is that takedown policies are a reflection of how different companies, such as Twitch, interpret DMCA and what parts of the legislation are important to them. This includes how much energy platforms put into avoiding lawsuits and the stakeholders or relationships they prioritize. So, while it's convenient for hosting sites to point to DMCA when they make unpopular takedown decisions that impact popular creators, the truth is hosting companies like Twitch have more power in how they apply DMCA than they let on (consider how Twitch changed their unique DMCA policy in July 2021). In the end, it largely comes down to what (and who) is important to the company.
Of course, in an ideal world, our preference is smarter internet legislation. But until the political field changes, a full stop of DMCA — without legislation already in place that functions in a similar way we’ve used DMCA-incentivized takedown policies — could be devastating to victims of nonconsensual porn sharing. But the broadness in which DMCA has been applied is troubling.
After almost 25 years, it might be time to readdress copyright law as it applies to the Internet and reflect on how DMCA has shaped the original issues it targeted such as piracy and copyright infringement. For now, creators' opinions are split on the actions of Twitch streamers as some feel like the actions of recently banned Twitch streamers fall under ‘fair use’. Alternatively, Youtubers and other veterans of content creation such as Let’s Players are left to fear ‘adpocalypse 2.0’, or another large crusade by corporations across platforms of stricter DMCA crackdowns.
TECH ETHICS AND PRIVACY
[The Verge] On Friday, several state attorneys released a new antitrust complaint against Google for alleged collusion with Facebook over advertising markets. The complaint includes emails between Mark Zuckerberg and Alphabet Inc. executive Sundar Pichai.
[Washington Post] Virtual reality equipment opens up new possibilities for surveillance and data collection on our bodies by companies like Meta Inc.
TECH LABOR EVOLVING
[Bloomberg] ‘Work from anywhere’ policies helped Twitter boost racial diversity in their workforce hires, especially in hiring more Black and Latinx employees.
[The Verge] On February 4th, workers at an Amazon warehouse in Bessemer, Ala., will get a chance to redo their union election after Amazon was found to have violated numerous election guidelines.
[Vice] Details are emerging about a secretive Google anti-union campaign called Project Vivian that ran between late 2018 and early 2020.
HACKING AND SECURITY INCIDENTS
[Microsoft] As tensions between Russia and Ukraine escalate, Microsoft says it has found evidence of a destructive malware attack targeting Ukrainian government networks. Reuters reports that the threat actor behind the attack is Belarusian Intelligence Services, likely acting in support of Russia.
[NYTimes] Russia says it has shut down the notorious hacker group REvil at the request of U.S. officials, but it’s unclear if the move will ease tensions between the two countries.
[The Verge] A developer recently corrupted two popular open-source libraries on GitHub, affecting tons of projects with the libraries in use.
SECURITY TRENDS AND ANALYSIS
[Chainanalysis] Cryptocurrency crime hit an all-time high in 2021, while cryptocurrency usage is growing incredibly fast with legitimate cryptocurrency usage outpacing crime.
[Bleeping Computer] In 2021, the number of Linux malware infections grew 35%, the most common instance being related to DDoS attacks.
[French Military Academy] This verbose report on Chinese information operations is one of the best public reporting of the Chinese Communist Party’s capabilities in cyberspace, media, and psychological operations.
COOL STUFF ON OUR RADAR
[Data & Society] Researchers Matt Goerzen and Gabriella Coleman collaborate to chart the movements of the digital underground during the 1990s to reveal what underground technologists or “hackers”, did—technically, linguistically, and culturally—to establish their legitimacy as employable, trustworthy security experts.
[@ShujaUH on Twitter] “A farmer in Turkey has fitted his cows with virtual reality goggles to make them think they are outside in summer pastures.”
[Porchetta] We love it when companies publish transparency reports! In this one, Porchetta Industries (@porchetta_ind) details the past year in their mission to provide funding to Opensource security tooling.
Know your Rights: How the law protects workers’ right to speak out (January 27, 2022 - 4:00 PM to 5:00 PM PST)
The Tech Workers Coalition is hosting a live event to inform tech workers about the legal protections and legal consequences relating to speaking out at work. The event will cover issues about basic legal rights to speak out and organize, how NDAs are (or are not) enforced, how to work with lawyers (for free), what to consider before speaking out, how whistleblower reward programs work, and the various pathways for speaking out, among other issues. RSVP
CanSecWest 2022 & Training (In Person & Online: May 18-20, 2022, Training In-Person & Online: May 14-17, 2022)
CanSecWest, the security conference located in Vancouver, BC, Canada will return with a hybrid option this year. This is the largest hacking-related conference in the Pacific Northwest, and includes the PWN2OWN competition. Registering early saves $800 off ticket prices, and is highly recommended. Registration
Jobs & Other Opportunities
Role: System Administrator
The Electronic Frontier Foundation (EFF) is seeking applicants for the full-time position of System Administrator to join the Technical Operations team.
Organization: Electronic Frontier Foundation (EFF) (@EFF)
Open Rec: https://www.eff.org/opportunities/jobs/system-administrator [link]
Role: Program Committee Member
SeaGL (Seattle GNU/Linux Conference) is looking for members for the programming committee which handles the CFP and other speaker tasks. If you’ve been a speaker at a conference before and can offer value to the committee, reach out to Nathan Handler (Program Committee Chair).
Organization: SeaGL Conference (@SeaGL)