[HN Gopher] Instagram took down private unofficial APIs via DMCA
___________________________________________________________________
Instagram took down private unofficial APIs via DMCA
Author : giansegato
Score : 213 points
Date : 2020-02-01 11:01 UTC (11 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| Nextgrid wrote:
| Does anyone have a mirror? I might download this and keep it just
| in case.
| sbr464 wrote:
| Some of the forks[1] still work, although outdated. There are
| some on gitlab[2] also. Doing code searches finds other
| copies[3].
|
| [1] https://github.com/NantipatSoftEn/Instagram-API
|
| [2] https://gitlab.com/alihesari/Instagram-API
|
| [3]
| https://github.com/DarriusAlexander/speaklight/tree/1b4167c3...
| shervinshaikh wrote:
| Yes I would like a copy too :)
| rcaught wrote:
| https://web.archive.org/web/20191207221404/https://github.co...
|
| > Why did I make this API?
|
| > After legal measures, Facebook, WhatsApp and Instagram blocked
| my accounts. In order to use Instagram on my phone I needed a new
| phone, as they banned my UDID, so that is basically why I made
| this API.
| pmlnr wrote:
| Anyone has the actual git repo as well?
| segmondy wrote:
| If you fork git repos, make sure to pull them down, if the
| official repo is taken down, your forks will disappear unless
| you have a copy.
|
| Here's a script I made to backup all your repos, throw it
| into a cron and run once a month or something, where 20 is
| the largest number of pages you have, adjust accordingly. I
| actually wrote this up when a fork I had disappeared.
| #!/bin/bash USERNAME='segmond' for i in `seq 1
| 20`; do curl --fail -s
| https://api.github.com/users/$USERNAME/repos?page=$i | jq
| '.[] | .clone_url' | xargs -t -n1 git clone sleep
| 1 done
| dicytea wrote:
| > if the official repo is taken down, your forks will
| disappear unless you have a copy.
|
| https://help.github.com/en/github/collaborating-with-
| issues-...
|
| I don't think that's true, I've personally recovered
| deleted repositories by finding its forks.
|
| edit: Ah never mind it seems things work differently in the
| case of DMCA takedowns
| AdamJacobMuller wrote:
| There is also a big difference between clicking `fork` on
| github vs cloning and creating a new repository (on
| github) and then changing the remote URL and pushing.
|
| The latter isn't "github fork" even if it is a "git fork"
| and won't be affected by most[1] automated takedowns.
|
| 1> where most is defined as somewhere between 0 and 100%
| [deleted]
| thefounder wrote:
| Isn't the google vs oracle still on? How did github rule that
| apis are copyrighted?
| dkarras wrote:
| I think with how DMCA works, Github doesn't have to (or need
| to) rule one way or another. Someone sends a notice and it is
| taken down swiftly. If the owner thinks this was in bad faith
| or a mistake, they can challenge it but if you are not
| absolutely sure that you can win such a claim you better talk
| to a lawyer first.
| notyourday wrote:
| Owner needs to send a counter-notice. Github will have to
| restore it. FB will be forced to take owner to court but the
| repo will stay up until court decides
| wpietri wrote:
| Easy to say. But I'd be hesitant to invite a lawsuit from a
| company with infinite money, a predatory attitude to their
| users, and a proven willingness to spend arbitrary sums of
| money to maintain their quasi-monopoly.
| notyourday wrote:
| Possibly. Though based on having friends who had DMCA
| used against them and fought it, a counter-notice
| immediately put the brakes on large companies.
|
| The reason for that is simple: DMCA takedowns in large
| companies are handled by someone who at best is a year
| out of law school who processes hundreds of them per day.
| 99.99% of those go unchallenged because no one knows
| about the process. As soon as the counter-notice is
| served this person/entity indicates that they aren't the
| 99.99%, at which point someone actually starts looking at
| their play book. It will be another round of
| notice/counter notice game before someone that bills
| $400/h looks at the merit of a company's assertion. In
| the larger companies the cooler hands tend to prevail in
| non-obvious cases.
| ethanwillis wrote:
| Someone has to stand up to them at some point and we
| should support them when they do.
|
| The fact that they're willing to just throw tons of money
| at lawyers to be wrong and infringe on everyone else's
| rights is exactly the reason we _should_ make them take
| us to court on principle.
| jrockway wrote:
| It is an important enough case that someone with money
| will probably help out. Of course, they might not, and
| then you're screwed.
|
| My understanding is that Google bought YouTube mostly to
| avoid an underfunded YouTube in legal trouble having a
| bad precedent set.
|
| If Facebook thought they could win against Google or
| Apple, they would have sent DMCA letters to Google and
| Apple for making web browsers and phone emulators with
| "developer tools" built in. But they know they'd lose, so
| they went after some random person on the Internet with
| no money.
| circular_logic wrote:
| If this developer had reversed engineered some documentation
| about the private API could that also receive a DMCA?
| qes wrote:
| Yes. I could publish the source code of, say, my access control
| system, along with instructions on how it could be bypassed,
| but yet if you use those instructions to bypass it, that is a
| violation of the DMCA.
| [deleted]
| KaiserPro wrote:
| In the author's own words, this API was explicitly designed to
| get round access controls. (see internet archive)
|
| So people should be cheering this no? I mean facebook are
| protecting their users from nefarious developers seeking to get
| access to people's data.
|
| The only crit is that it took so damn long to find it. (since
| 2016!)
| https://web.archive.org/web/20160603201221/https://github.co...
|
| I know thats not whats annoyed most people. But if facebook
| really are serious about privacy, then they took too damn long
| the_gipsy wrote:
| They should make their APIs secure, instead they abuse DMCA.
| slimed wrote:
| Exactly. All they did was remove an open source repository.
| It's still trivial to access their services in a way that
| they admit is harmful to their customers' privacy. As a
| bonus, now it's on the front page of Hacker News.
|
| It's almost as if they're making the same error as OP who
| identified the library as "an API" rather than a client of an
| insecure API implemented by Instagram. Presumably they know
| better.
| amylene wrote:
| Perfect is the enemy of good. And we don't know what work
| they're doing on the engineering side.
|
| What if it turns out they detected this code was run by
| other people and responsible for 50% of the unauthorized
| access? Just because it doesn't entirely solve the problem,
| does not mean they shouldn't pursue all partial tactics.
| slimed wrote:
| The problem is that they are abusing a statute that we
| all know is harmful more generally and creating precedent
| for others to do it.
| keyrat wrote:
| I've been using the API for a personal project, and it doesn't
| let you access anything that you couldn't access in the app. It
| was just an API you could use instead of scraping the site.
|
| That mention in the readme from 2016 mentions a UUID banned
| from Whatsapp, so I'm not sure if that's what the author meant
| or just something copied from another readme. Either way, if
| Instagram was banning UUIDs it would be as trivial as getting
| another phone to bypass it, or to log in via a web browser.
| heavyset_go wrote:
| What's the difference between scraping while circumventing anti-
| scraping measures, which certain circuits have upheld as being
| legal, and what this unofficial API client did?
|
| This is an honest question, and not a rhetorical one.
| filoleg wrote:
| That was my first thought upon seeing this post. Given the
| LinkedIn scraping decision earlier this week, i would think
| that this one should be in the clear.
| mCOLlSVIxp6c wrote:
| Looks like this is the takedown request:
| https://github.com/github/dmca/blob/master/2020/01/2020-01-2...
|
| The core allegation is:
|
| > Mgp25's Instagram-API repository (and its forks) offers a tool
| expressly designed to circumvent the Company's effective access
| controls and protection measures by avoiding, bypassing,
| removing, deactivating, or impairing the Company's technological
| measures without the authority of the copyright owners or the
| Company. Mgp25's Instagram-API is designed to emulate the
| official Instagram mobile app when communicating with Instagram's
| servers, which allows users of mgp25's Instagram-API to send and
| receive data (including receiving legitimate, copyrighted posts
| by Instagram's users) through Instagram's private API. Mgp25's
| Instagram-API also permits other types of access to, and
| collection of, Instagram's users' copyrighted works in manners
| that exceed the scope of access and functionality that would be
| permitted by a user with a legitimate, authorized Instagram
| account.
| tpmx wrote:
| Microsoft is running Github Legal now. It's on them. They
| happen to have a very long experience in shutting down third
| party access to unofficial APIs. (There was a lot of drama
| around this in the 80s, in the MS-DOS and Lotus 1-2-3 times.)
| WillPostForFood wrote:
| That's not really how it works. If you claim DMCA protection,
| and you receive a DMCA request, you have to take the content
| down. GitHub/Microsoft doesn't adjudicate the validity of the
| takedown request. The takedown can be appealed, but the
| burden falls on the person who's content was taken down.
| tpmx wrote:
| That's dumb. I actually didn't realize it was _this_ broken
| until now. Thanks.
| wpietri wrote:
| Is this legally a legitimate reason for a DMCA request? That
| it's a tool that could be used to bypass copyright controls?
|
| It's been a long time since I read it, but my understanding of
| the DMCA is that you need to claim an actual copyright
| violation on the thing being taken down. This sounds like a
| claim of contributory copyright infringement, which a) I don't
| remember being covered by DMCA, and b) there's a reasonable
| claim here for substantial non-infringing use, so I'm not sure
| contributory copyright infringement really applies.
| [deleted]
| saurik wrote:
| This is about Section 1201, one of the most interesting parts
| of the DMCA, which is about banning circumvention devices.
| What is confusing me is that I am under the impression that
| the DMCA "takedown" process (which I know quite little about,
| to be fair) was unrelated to the anti-trafficking provisions
| (which I do stare at a lot), so I don't think this is a valid
| request (even if it were a valid lawsuit... though I frankly
| doubt that either as I don't think an "access token" can be
| considered an "effective TPM").
|
| (I am _not_ a lawyer, but I spend an unreasonable amount of
| my time staring at Section 1201 issues; if anyone needs legal
| advice they should contact a lawyer: nothing I say should
| possibly be construed as legal advice.)
| ldoughty wrote:
| From what I gathered: The author was banned from service on
| Instagram, he or she kept getting banned/denied new
| accounts because they flagged the device's UUID... So the
| author then made the API to mask/modify the device UUID and
| try to regain access to the platform (presumably signing up
| elsewhere, then using that token through this API to
| maintain access on their phone).
|
| The author admitted to this in the readme of the repo.
|
| Sounds 100% like the API was designed to try and bypass
| access control mechanisms...
|
| Not sure if that falls under the legal definition or not.
| buckminster wrote:
| > Sounds 100% like the API was designed to try and bypass
| access control mechanisms...
|
| Sure, but your parent's point is that this doesn't appear
| to be grounds for a takedown. Takedowns are for
| infringing content, which this isn't.
| jacurtis wrote:
| According to the 2nd sentence on Wikipedia, which
| describes DCMA:
|
| > [DCMA] criminalizes production and dissemination of
| technology, devices, or services intended to circumvent
| measures that control access to copyrighted works
| (commonly known as digital rights management or DRM). It
| also criminalizes the act of circumventing an access
| control, whether or not there is actual infringement of
| copyright itself.
|
| While I initially thought (like many others on here) that
| DCMA was to keep you from spreading copyright content or
| passing it off as your own, the true purpose of DCMA is
| actually to criminalize the act of circumventing DRM.
| Access control on a social network I guess is considered
| a type of DRM for the content within the network (which,
| lest we not forget, is wholly owned by Instagram as soon
| as you post it). It specifically states that
| circumventing access control is a violation, regardless
| of whether any copyright was actually infringed upon.
|
| So from my keyboard lawyer perspective, it seems like
| Instagram is actually within their rights here.
|
| [Source](https://en.wikipedia.org/wiki/Digital_Millennium
| _Copyright_A...)
| TheDong wrote:
| The point of the parent comment is not that the DMCA
| doesn't cover anti-circumvention, but rather than the
| DMCA contains many parts, and only the copyright content
| part has a safe Harbor and takedown notice provision.
|
| The claim you're arguing against isn't that the DMCA
| doesn't cover this. The claim is that the DMCA takedown
| process doesn't apply to all infringements of the DMCA,
| only those of copyright wrt safe harbor.
| crtlaltdel wrote:
| yeah this sounds more like it would be a T&C clause
| Spoom wrote:
| Could one make the case that this client library enabled
| interoperability, since it allows one to use Instagram
| services on a previously unsupported device (e.g. a
| computer)?
| freewizard wrote:
| It's not first case, Popcorn Times was taken down from Github
| because it "is designed to allow an unlimited number of users
| to fulfill the unlawful purpose".
|
| https://github.com/github/dmca/blob/master/2016/2016-03-16-M.
| ..
| deepsun wrote:
| Roads allow unlimited number of robbers to rob banks and
| drive away with money.
| nailer wrote:
| Interestingly, it's up back now:
| https://github.com/popcorn-official/popcorn-desktop
| capableweb wrote:
| That is indeed interesting. Anyone know what happened?
| otakucode wrote:
| That's... not what the DMCA anti-circumvention clause means. At
| all. The anti-circumvention clause of the DMCA does not deal
| with the kind of technological measures they're talking about.
| It only forbids circumvention of technological measures that
| SPECIFICALLY protect copyrighted material. Not general access
| controls, not access throttling or user roles or anything
| general like that. It doesn't even protect against things like
| circumventing things and convincing Instagrams servers to send
| copyrighted data. It's meant to protect things like the CSS
| encoding/encryption on DVDs. It has been used (in RealNetworks
| v. Streambox, one of the first if not the first lawsuit
| involving the DMCA right after its passage) to prevent
| recording streamed content and a single totally undocumented
| bit ended up being ruled as an adequate 'protection mechanism'
| when 'circumvention' boiled down to "we didn't know what that
| bit did because no one would tell us, so we just ignored it".
| But that was specifically a transfer encoding of the content
| itself, it didn't have to do with user account control or
| anything. Courts are very displeased when companies try to use
| copyright law or the DMCA to facilitate other business goals -
| like protecting their ability to collect analytics, etc. It's
| obviously not copyright infringement to get images from
| Instagram, that's literally what it exists for you to do!
| Copyright protects copying. And absolutely nothing else.
| enterabdazer wrote:
| I don't know the details of the code, so I'm left with questions.
|
| Is the only difference between using this library and using
| Instagram's mobile app the fact that the library is not the
| "right" web browser?
|
| Isn't the library simply a different web client accessing a
| publicly available API? And requests from the library are
| properly authenticated / authorized by Instagram's servers
| through normal means (the library isn't bypassing some mechanism,
| it's just not the official app)?
|
| If it's true that it's just a different API client, then there
| may be some TOS violation, but isn't DMCA an overreach? Is there
| any validity to the claim?
| buckminster wrote:
| A TOS violation is an unauthorised access which is a federal
| crime. See, for example, the case of Aaron Swartz. Using the
| DMCA seems preferable. Changing these laws would be better
| still.
| capableweb wrote:
| So if I put "If you visit the website, you owe me 5 USD" in
| my Terms of Service, I can have them arrested? Something
| feels very fishy here, has to be more conditions than just
| "TOS violation === federal crime"
| buckminster wrote:
| The difference is in what you can convince an investigator,
| a prosecutor and a jury to take seriously.
| h1fra wrote:
| You can still find the implem in various language, like this one
| in js:
|
| https://github.com/dilame/instagram-private-api
| thosakwe wrote:
| IANAL. I'm also assuming this was an HTTP client library.
|
| How could this possibly be a violation of copyright, if it's just
| a client that accesses their API? Their API is not truly
| "private," just undocumented. If you distribute a free app that
| calls a remote API over users' networks, you can't make the case
| that it's private, because it's clearly accessible from every
| network/connection/device. Something exposed to the public cannot
| simultaneously be private.
|
| At least, maybe the author's lawyer could argue the above in
| court.
|
| Among many things I hate about the DMCA, it's that hosts have
| basically no option other than to respond to takedown requests by
| actually taking down the content in question, for fear of
| litigation. It just rubs me the wrong way.
| mkagenius wrote:
| What if such an open APIs cause a loss to the business, is it
| still legal? Coz then intent can be thought of as a bad one?
|
| Edit: people are assuming too much about my intent of this
| question and downvoting, I was just curious, moreover a good
| answer to this will make the case stronger against
| Instagram/Fb.
| ikeboy wrote:
| >Among many things I hate about the DMCA, it's that hosts have
| basically no option other than to respond to takedown requests
| by actually taking down the content in question, for fear of
| litigation.
|
| That's the entire point. A DMCA takedown request is supposed to
| lead to the content being taken down. The person who uploaded
| it can send a counternotice, which will lead to the content
| being put back up if no lawsuit is filed.
|
| What would you change about the system? Should rights owners
| have no recourse short of litigation to get their content taken
| down?
| Semaphor wrote:
| > What would you change about the system?
|
| 3 strikes and you are out. Take down 3 obviously (probably
| decided by a judge) non-infringing things and you lose the
| ability to send takedowns.
| ikeboy wrote:
| >Take down 3 obviously (probably decided by a judge) non-
| infringing things and you lose the ability to send
| takedowns.
|
| Once it reaches this point, the service provider would
| likely stop accepting the notices anyway. See e.g. the
| recent lawsuit by Youtube against Brady, who sent a bunch
| of bogus notices. Once they realized that, they stopped
| accepting the notices.
|
| There's hardly a critical mass of takedowns by people
| who've been found 3 times by a judge to have sent
| fraudulent takedowns.
| Semaphor wrote:
| > There's hardly a critical mass of takedowns by people
| who've been found 3 times by a judge to have sent
| fraudulent takedowns.
|
| Because those rarely go in front of a judge. Torrentfreak
| [0] gets many takedown notices where for example their
| reporting on a leak gets targeted with a DMCA request. If
| those companies had to fear someone challenging these (in
| this example an easy win) and making them lose their
| ability to send them out at all, that would change a lot.
|
| [0]: https://torrentfreak.com/all-dmca-notices-filed-
| against-torr...
|
| > In previous years we've received erroneous complaints
| from the likes of Amazon, Electronic Arts, Disney,
| Entertainment One, Vertigo Films, Magnolia Pictures,
| NBCUniversal, Paramount, and even BBC Worldwide. This
| year we can add more.
|
| > According to Google's Transparency Report, in 2019
| Google received a further 11 DMCA takedown notices
| targeting our domain, sent on behalf of Columbia
| Pictures, Sony Pictures, and sundry others. All of them
| were completely bogus.
| ikeboy wrote:
| > If those companies had to fear someone challenging
| these (in this example an easy win) and making them lose
| their ability to send them out at all, that would change
| a lot.
|
| Why hasn't torrentfreak sued? Presumably because it's not
| an easy win and doesn't produce real benefits for them.
| I'm struggling to see how any of that would change under
| your proposal.
|
| For what it's worth, judges have occasionally issued
| injunctions preventing people from filing claims, under
| the DMCA and otherwise. See e.g.
|
| https://www.courtlistener.com/docket/16599762/home-it-
| inc-v-... ("ORDERED that the Defendant Wupin Wen, no
| later than eighteen (18) hours after service of this
| Order on her via email to trademark@cn-ip.cn, trynow@cn-
| ip.cn, and bzkjuk@126.com: a. Notify Amazon that the
| trademark owner's allegations of infringement against
| HOMEIT are withdrawn and that Amazon should re-list the
| involved products to its website as soon as possible; and
| b. Refrain from filing or otherwise communicating any
| allegations of infringement by HOMEIT to any third party,
| at minimum, for the duration of the instant litigation
| relative to Saganizer branded products." docket 21
|
| https://www.courtlistener.com/docket/4160397/design-
| furnishi... (older case from 2010), "Defendant is
| therefore enjoined from notifying eBay that defendant has
| copyrights in the wicker patio furniture offered for sale
| by plaintiff and that plaintiff's sales violate those
| copyrights. " docket 29
|
| https://www.courtlistener.com/docket/16630192/california-
| bea... "THEREFORE, DU AND ALL PERSONS IN ACTIVE CONCERT
| OR PARTICIPATION WITH DU, ARE TEMPORARILY RESTRAINED from
| taking down, based on any alleged copyright infringement,
| from Facebook and Instagram, or any other service
| provider's website, CBC's online content or product line.
| Du is temporarily not permitted to file any further
| takedown notices with Facebook, Instagram, or any other
| service provider's website as to CBC's online content or
| product line. Any current and operative takedown notices
| in effect that were filed by Du as to CBC are restrained,
| and are to be disregarded by the online service provider.
| Accordingly, and specifically, Facebook (Report
| #2576187715997707) and Instagram (Report
| #1407615876061304) are directed to disregard Du's
| takedown notice and to reinstate CBC's online content
| during the period of this Order. " docket 22
| mokus wrote:
| Wow. A bit of a digression here but it appears they
| actually consider email a valid avenue of legal service?
| That blows my mind. I don't even check my work email
| every 18 hours, and I haven't looked through my home
| email in 3 or 4 years except to find specific messages I
| knew were coming.
| ikeboy wrote:
| Different courts have ruled differently on that issue.
| Note that it's mainly applicable to foreign defendants,
| and you'd have to show that you can't serve them through
| other channels.
|
| See https://blog.ericgoldman.org/archives/2019/05/court-
| rejects-... for a court finding otherwise on a similar
| case.
|
| If you're running a business, there's different
| expectations.
| Semaphor wrote:
| > Why hasn't torrentfreak sued? Presumably because it's
| not an easy win and doesn't produce real benefits for
| them. I'm struggling to see how any of that would change
| under your proposal.
|
| a) I'm not sure they can even sue currently, isn't the
| only thing illegal misrepresenting that you have the
| right you claim? b) Even if they could, as you say, no
| real benefit c) The change would mean that just the
| threat of getting sued for malicious DMCA notices would
| make the companies sending them better at actually having
| a case. Currently, there is no risk at all shooting with
| cluster bombs when sending notices. Barely any risk using
| DMCA to prevent speech. That is what my proposal would
| take away.
| ikeboy wrote:
| a) USC 512(f) makes it illegal to misrepresent that
| something is infringing. Not considering fair use is
| included, per Lenz v. Universal Music Corp.
|
| c) To do that, you'd need to make suing easier. I don't
| see how your proposal does that.
| dmitriid wrote:
| Or, same, but with increasing penalties.
|
| 3 strikes, can't send notices for a week. 3 more strikes, a
| month. 3 more strikes, a year
| Wowfunhappy wrote:
| Keep in mind that if a judge has to get involved, it
| would take a long time for the penalties to actually take
| effect. The idea of increasing penalties is a good one,
| but the lowest level needs to be an order of magnitude
| more significant, and ditto for the subsequent steps.
| stingraycharles wrote:
| There currently is no penalty for sending bogus DMCA
| requests, and as such it encourages content owners of just
| sending gazillions of (unjustified) takedown requests.
|
| This is a major hole in the current law.
| ikeboy wrote:
| >(f)Misrepresentations.--Any person who knowingly
| materially misrepresents under this section-- (1)that
| material or activity is infringing, or (2)that material or
| activity was removed or disabled by mistake or
| misidentification, shall be liable for any damages,
| including costs and attorneys' fees, incurred by the
| alleged infringer, by any copyright owner or copyright
| owner's authorized licensee, or by a service provider, who
| is injured by such misrepresentation, as the result of the
| service provider relying upon such misrepresentation in
| removing or disabling access to the material or activity
| claimed to be infringing, or in replacing the removed
| material or ceasing to disable access to it.
|
| USC 512 (f)
| clarry wrote:
| That is toothless in preventing corps (with money) from
| abusing individuals (who don't have the money to start
| litigation). Also, from what I hear, many implementations
| of DMCA do not give the individual enough information to
| take action against false claims.
|
| EDIT: see for example
| https://news.ycombinator.com/item?id=22211087
| ikeboy wrote:
| >That is toothless in preventing corps (with money) from
| abusing individuals (who don't have the money to start
| litigation).
|
| This is a problem with unequal access to the legal
| system, not with the law.
|
| >Also, from what I hear, many implementations of DMCA do
| not give the individual enough information to take action
| against false claims.
|
| It's pretty simple to get the actual information in a
| lawsuit. Subpoena the service provider for the complete
| notice sent.
|
| In most cases a lawsuit isn't needed. If you receive a
| false complaint and file a counternotice, the content
| gets restored 10-14 days later if there's no lawsuit
| filed.
| clarry wrote:
| > In most cases a lawsuit isn't needed. If you receive a
| false complaint and file a counternotice, the content
| gets restored 10-14 days later if there's no lawsuit
| filed.
|
| Yes indeed, this is exactly what is happening: they get
| off the hook, and they can keep filing false claims as
| much as they want because taking action against them is
| too hard. Hence, toothless. No consequence for sending
| false claims, the only people who suffer are those who
| get their stuff unjustly taken down for two weeks.
|
| It'd be a little more equal if, upon receiving a
| counternotice, all the original claimant's claims would
| be instantly put on hold for 10-14 days (and then
| dropped) unless they file a suit.
| ikeboy wrote:
| The reason why a counternotice allows it to be put back
| up is because filing one requires you to swear to
| noninfringement and accept jurisdiction.
|
| If you're not willing to do that, and the claimant is
| willing to swear to infringement, why should we give you
| the benefit of the doubt simply because someone else said
| the claimant was wrong in an unrelated case?
| clarry wrote:
| > If you're not willing to do that
|
| I never said that.
|
| The reason why you should give people the benefit of the
| doubt is because otherwise the system is horrendously
| unfair and unbalanced in that 1) those who file false
| claims have nothing to lose (because the likelihood that
| they get dragged into court is virtually nil, and in most
| cases even dragging them to court would most likely lose
| you more time=money than you can hope to claim in
| damages) 2) those who have their content unjustly taken
| down keep losing over and over again.
|
| If it's word against word, then yes both sides' word
| should have equal weight and consequence. Currently, that
| is not the case.
| ikeboy wrote:
| >If it's word against word, then yes both sides' word
| should have equal weight and consequence. Currently, that
| is not the case.
|
| I'm not sure what you mean here. In that scenario, a DMCA
| notice was sent and a counternotice was sent. The content
| gets put back up after 14 days. This seems acceptable to
| me, and doesn't favor one side disproportionately. Either
| side can choose to go to court, but if they choose not
| to, the content is put back up after a delay.
|
| I agree that there's a problem with people filing false
| claims. But I don't see how a law could improve that.
| kgwxd wrote:
| "Should rights owners have no recourse short of litigation to
| get their content taken down?"
|
| Yes
| andyjpb wrote:
| The DCMA has an "anti-circumvention" provision. This means that
| tools that can be used to "steal" copyright works can be
| subject to a DCMA takedown notice.
|
| Instagram is asserting that this software is such a tool.
|
| "The complaint claims that the tool 'Instagram-API' allows
| unauthorized access to Instagram users' posts, which the
| company says are copyrighted works to which it grants protected
| access."
|
| More info here: https://torrentfreak.com/instagram-uses-dmca-
| complaint-to-pr...
| necovek wrote:
| I really wonder why is a web browser and "save image" or
| "save web page" or even OS screenshotting function not the
| the tool to "steal copyrighted work"? How is a programming
| interface that is harder to use any worse? If it's about
| "speed of gathering" large amount of data, how are tools like
| selenium any different?
|
| The only difference is in the tool intent, but all of them
| can be used for exactly the same purpose, some of them more
| easily than the others.
| jacurtis wrote:
| I suspect that you can thank the 1984 Landmark Case of
| Universal Studios vs. Sony Corporation of America for your
| freedom to screenshot and save images through the web
| browser.
|
| Back in the 80s, Sony made a video player that ran Betamax
| tapes. You might remember the HDVD vs BluRay wars of a
| decade ago when both formats were battling for dominance to
| become the new standard for playing HD movies on disc.
| Well, before that was the VHS vs Betamax wars. During these
| battles, Sony was trying to make Betamax the new standard
| for home movies. They wanted to distinguish themselves from
| VHS in some way and they ended up distinguishing themselves
| with an amazing and unheard of feature (for the time), you
| could not only watch movies with Betamax tapes, but you
| could RECORD movies to watch later. You could record
| anything on TV, in order to watch it later. This is 20+
| years before DVRs, 30 years before streaming services. It
| was a crazy idea.
|
| But Universal Studios didn't like the idea that someone
| could record a show on TV and watch it later, or watch it
| however many times they wanted. Someone could theoretically
| even sell that Betamax tape to someone else. So Universal
| Studios sued Sony over this invention. Universal Studios
| claimed it violated copyright. Sony claimed it was
| protected under the "fair use" clause for copyright.
|
| The lawsuit ended up tipping in Sony's favor, but only
| barely. One of the most popular kids shows at the time was
| "Mr. Roger's Neighborhood". The supreme court heard from
| Mr. Roger's himself who testified that he was ok with
| people recording his show because it allowed them to be
| with their family and not controlled by the schedules
| dictated by the television studios. He said he was against
| the studios controlling people's schedule. The supreme
| court ultimately mentioned that this testimony is what
| tipped the case into Sony's favor.
|
| But it didn't just tip in Sony's favor. This landmark case
| is what opened the door for all recording media in the
| future. The Betamax eventually died, but the VHS later made
| the same features available. Radios and boomboxes in the
| 90s had a recording feature added. DVRs came about in the
| early 2000's to record TV to harddrives. Then computers had
| screenshotting, and web browsers likely got "save image as"
| because of the precedent set by this landmark case.
|
| Where the DCMA differs is that it protects tools built with
| direct intent to circumvent a specific copyrighted content.
| So the linked tool for example is a script built
| specifically to circumvent Instragram's access control. It
| doesn't circumvent anyone else's access control, and its
| primary purpose for existing was to gain access into
| Instagram. So I think Instagram can make a reasonable case
| to go after this tool.
|
| However, going after a general tool like screenshotting
| would go nowhere, because it is considered a general good.
| It provides value that far surpasses the damage Instagram
| can claim from it.
|
| Again, we can probably thank Mr. Rogers. Without him,
| recording might not be something we could take for granted
| today.
|
| Sources:
|
| - https://en.wikipedia.org/wiki/Sony_Corp._of_America_v._Un
| ive....
|
| - https://www.theatlantic.com/technology/archive/2012/01/th
| e-c...
| mddanishyusuf wrote:
| Now facebook developers' app approval is so hard. I submit 6
| times to review and every time reviewer point a mistake. I'm
| building for a tool that sets up a third party API gateway for
| your 3rd party applications APIs. https://nocodeapi.com
| capableweb wrote:
| Since you're advertising your product in a thread about
| Instagram, I thought your product would work with Instagram,
| but trying it I get "Insufficient developer role". Not sure if
| it's a bug or just not implemented yet.
| 1hakr wrote:
| Awesome! I love this tool. What were you doing all these days.
| mddanishyusuf wrote:
| Thanks, I'm adding lot's of applications and here are the
| list you can find them https://nocodeapi.com/marketplace
| todd8 wrote:
| Looks very useful. I like your landing page, it nicely
| designed, works great on a phone, and communicates clearly.
|
| A tiny suggestion, it looks like a typographical error
| slipped though in the sentence:
|
| > Convert these applications APIs without any hustle and
| Power-up your products, tools & portfolio by these
| NoCodeAPI.
|
| I think you meant to use the word "hassle" instead of
| "hustle" as it would be a bit more idiomatic in the
| sentence.
| mddanishyusuf wrote:
| Thanks, todd8 for the catch. I'm working on the content.
| stay tuned.
| coleifer wrote:
| And GitHub bent over.
|
| Just host it somewhere else.
| paulgb wrote:
| Where? Pretty much anyone will honor a DMCA takedown. There
| might be some grey area where some hosts will be better at
| identifying an invalid/bad-faith one, but this one appears to
| be valid.
| CarelessExpert wrote:
| On your own web server?
|
| You don't need GitHub to publish or host a git repo...
| dewey wrote:
| Your own webserver that's hosted by a hosting company? Most
| of the have very well oiled workflows for responding to
| DMCA violations. If you run your own server they'll go to
| your ISP.
| CarelessExpert wrote:
| Are you aware that companies in countries like Canada
| don't respond to DMCA takedown requests, nor do they have
| domestic equivalents?
| dewey wrote:
| Maybe not 100% identical to the DMCA takedown requests
| but there are systems in place to deal with these kinds
| of issues. If your hoster / ISP receives a bunch of these
| notices they'll probably reconsider hosting your content.
|
| https://ic.gc.ca/eic/site/oca-bc.nsf/eng/ca02920.html
| CarelessExpert wrote:
| Valid point. Bill C-11 certainly made a mess of the
| situation in Canada. That said, there are plenty of other
| international jurisdictions where a server or VPS could
| be used to host this kind of content, so I think the
| fundamental point still remains: Yes, hosting content on
| a large US-based provider like GitHub means your content
| is available at their discretion. Hosting the content
| yourself gives you a much greater degree of freedom to
| control the availability of that content.
|
| Which is why I never rely solely on commercial cloud
| services like this for hosting my content.
| [deleted]
| notyourday wrote:
| Counter-notice fixes it, making github restore it and giving
| Github immunity.
| thejsa wrote:
| GitHub waits fourteen days for the complainant to respond
| to your counter-notice before putting your repo back up,
| from experience :/
|
| In addition, they won't even give you any info they hold on
| the complainant other than that explicitly included in the
| notice itself, claiming 'data protection' (some troll hit a
| bunch of my repositories with fraudulent takedowns in two
| waves, meaning it took about a month before they were all
| restored)
| slig wrote:
| That's a nice way to get legal problems with one of the
| biggest companies in the world.
| asjw wrote:
| Outside of the US
|
| The world is a pretty large place...
| coleifer wrote:
| Git has an amazing variety of frontends and ways to
| _distribute_ your code.
| tpmx wrote:
| > And GitHub bent over.
|
| You mean Microsoft bent over. Legal is the first and most
| urgent part to integrate when aquiring a company, for obvious
| reasons.
| maxerickson wrote:
| Choosing not to involve themselves in legally representing a
| user is not comparable to submissive participation in a sex
| act.
|
| There's also nothing wrong with submissive participation in a
| sex act.
|
| Communicate better.
| vga805 wrote:
| unofficial APIs or unofficial documentation about the APIs? what
| exactly was this, and if the latter, are the APIs still
| available?
| Nextgrid wrote:
| "API" is a weird term to use in this context as it's not
| actually an API server or anything like that. This is just an
| HTTP client for Instagram's mobile app API.
| g4k wrote:
| "This is a PHP library which emulates Instagram's Private API.
| This library is packed full with almost all the features from
| the Instagram Android App. This includes media uploads, direct
| messaging, stories and more."
|
| https://web.archive.org/web/20191207221404/https://github.co...
| [deleted]
___________________________________________________________________
(page generated 2020-02-01 23:00 UTC)