GitHub significantly revised the way it deals with Digital Millennium Copyright Act (DMCA) takedowns on Thursday, in an effort for increased transparency.
Jesse Geraci, legal counsel at GitHub, told ReadWrite that the update brings three major changes to GitHub DMCA policy. First, the process has been rewritten into more accessible language to explain not only what the process is, but what the DMCA is and why it is necessary.
Second, the new policy requires DMCA takedown authors to be far more specific in their requests. On GitHub, a repository can be recreated in another person’s account where that person can make changes to it. This process is called “forking” and is a major feature of GitHub. With the change, GitHub will no longer automatically take down all forks of a repository just because a takedown notes something infringing in the parent repository.
“Under the previous policy, a takedown for the parent would auto-disable its forks,” said Geraci. “However, forks aren’t the same in the same ways. Going forward, we’re going to require the complaining party to do research on the forks and explain if they’re also infringing.”
The third and largest change to the policy deviates from the way most companies address takedowns today. It will provide a 24 hour grace period for the user addressed in the takedown to attempt to remove the infringement.
“A good number of DMCA requests are accidental,” said Geraci. “Our new policy is geared toward letting us fix mistakes. We’re trying to give [users] not only the tools to understand what’s happening, but also guidance and leeway to fix the project.”
DMCA takedowns have increased on GitHub at a rate steady with the code hosting and collaboration tool’s growth. According to the repository that monitors takedowns as they occur, there have been more than 500 today. While that’s a fraction of the community’s 7 million users, GitHub’s changes will better educate all users on DMCA policies.
Preventing Takedowns Before They Happen
On GitHub, DMCA takedowns come from a number of sources. Sometimes they originate from companies, like when Qualcomm took down more than 100 repositories that used Linux kernel code the company deemed “highly sensitive.” Other times, the takedown will originate from an individual developer concerned that her open source license is being misused.
See also: How DMCA Takedown Notices Work
ReadWrite asked Geraci what GitHub users can do in the first place to prevent their repositories from being targeted with DMCA requests, and this was his advice:
- Make sure that if you’re borrowing code from another open source project, you’ve read and understand the license. There’s an assumption that all open source means “completely free to use,” but there are different versions of the license that require attribution of the original developer, or a non-commercial use clause.
- If you’re managing (or working on) an open source project with a lot of contributors, make sure all the contributors all agree to a Contributor License Agreement (CLA). “It needs to be very clear when somebody’s making contributions to code, what the grounds are for that,” he said.
- What do you do if the repository from which you want to borrow code doesn’t have a license file? “We get questions about that all the time,” said Geraci. “In that case, you need to reach out and talk to people. That’s what the Internet is great for.” Submit a pull request and get the license conversation started with the repository creator.
You can now read the entire new GitHub takedown policy here.
Photo via GitHub