RIAA DMCAs GitHub into nuking popular YouTube video download tool, says it's used to slurp music

Did 2020 just loop round to 1999?

Updated GitHub has hidden from view the source code and downloads of YouTube-DL, a popular public-domain tool used for saving YouTube videos to disk, at the request of the Recording Industry Association of America (RIAA).

The DMCA take-down demand, submitted on Friday evening, argues the software can be used to illegally download copyrighted music by artists the RIAA represents. As such, the association pushed for the removal of the app and all forks of it from GitHub.

YouTube-DL is pretty simple to use: you give the command-line program the URL of any YouTube video, and it will fetch the material and save it to your computer for future playback.

The record industry body reckons this application bypasses YouTube's anti-copying protections, and ultimately allows folks to pirate commercial tracks hosted on YouTube. Record labels and artists these days upload their tracks to the Google-owned giant to effectively stream their work to world-plus-dog amid ad breaks, though they're not too keen on netizens ripping their own copies of the music.

It reminds us of the whole war decades ago over taping music off the radio, saving to magnetic storage content streamed over the air. Sounds familiar.

"The clear purpose of this source code is to circumvent the technological protection measures used by authorized streaming services such as YouTube, and reproduce and distribute music videos and sound recordings owned by our member companies without authorization for such use," the RIAA's take-down order claimed.

"We ask that you immediately take down and disable access to the youtube-dl source code at all of its locations where it is hosted on GitHub."

The Microsoft-owned source code warehouse duly complied by disappearing the code from view, noting on the YouTube-DL project page: "This repository is currently disabled due to a DMCA takedown notice. We have disabled public access to the repository." We note that this affects the YouTube-DL.org website, as its source code and download links point to its GitHub page, which has now vanished from sight.


Crypto guru Matt Green asks courts for DMCA force field so he can safely write a textbook


If you're wondering whether or not the RIAA is going to just start going after any software – like web browsers or simply wget and curl – that can be used to potentially download copyrighted material illegally, the association did note that YouTube-DL's source code specifically fetches, in its test code, copyrighted tracks by Icona Pop, Justin Timberlake, and Taylor Swift.

"The source code prominently includes as sample uses of the source code the downloading of copies of our members’ copyrighted sound recordings and music videos," the RIAA stated. "The source code notes that the Icona Pop work identified above is under the YouTube Standard license, which expressly restricts access to copyrighted works only for streaming on YouTube and prohibits their further reproduction or distribution without consent of the copyright owner.

"We have a good faith belief that this activity is not authorized by the copyright owner, its agent, or the law."

Parker Higgins, a digital-rights activist and advocacy director at the Freedom of the Press Foundation, argued that the reference to the three pop-stars was "sleight of hand," and "the 'activity' that RIAA is claiming is unauthorized is hypothetical." The RIAA didn't provide proof of copyright infringement, only a complaint that the software could be used to bypass copy protections.

"Anything that downloads YouTube videos is, per the RIAA, de facto infringing, independent of the intended use or the underlying content," Higgins said.

"As anyone who has used youtube-dl knows, it is an extremely powerful and useful tool for format-shifting," he added. "It's super popular among archivists and has incredibly broad fair use applications. The RIAA stance here is pretty aggressive and out there."

The EFF said YouTube-DL has "a world of lawful usages," in a tweet:

YouTube-DL maintainer and core developer Sergey M declined to comment when we asked if the app's team planned to contest the take-down or move the source to another code-hosting website. ®

Updated to add

GitHub has been in touch to say it will try to help any coder on the receiving end of a DMCA request; just drop it an email, we're told.

"The DMCA takedown of the youtube-dl repo is a clear example of the regulatory challenges facing developers," CEO Nat Friedman said in a statement.

"GitHub's whole purpose is to help developers, and we will do so in any way we can. In particular, we want developers to be aware of and take full advantage of our DMCA processes to ensure their projects are as broadly available as possible, under the law.

"Any developers facing a DMCA takedown of their projects on GitHub should contact copyright@github.com for assistance with our DMCA processes."

The youtube-dl maintainers have also updated their website with new links to download the project direct from the site rather than from GitHub.

Similar topics

Broader topics

Other stories you might like

  • Verizon: Ransomware sees biggest jump in five years
    We're only here for DBIRs

    The cybersecurity landscape continues to expand and evolve rapidly, fueled in large part by the cat-and-mouse game between miscreants trying to get into corporate IT environments and those hired by enterprises and security vendors to keep them out.

    Despite all that, Verizon's annual security breach report is again showing that there are constants in the field, including that ransomware continues to be a fast-growing threat and that the "human element" still plays a central role in most security breaches, whether it's through social engineering, bad decisions, or similar.

    According to the US carrier's 2022 Data Breach Investigations Report (DBIR) released this week [PDF], ransomware accounted for 25 percent of the observed security incidents that occurred between November 1, 2020, and October 31, 2021, and was present in 70 percent of all malware infections. Ransomware outbreaks increased 13 percent year-over-year, a larger increase than the previous five years combined.

    Continue reading
  • Slack-for-engineers Mattermost on open source and data sovereignty
    Control and access are becoming a hot button for orgs

    Interview "It's our data, it's our intellectual property. Being able to migrate it out those systems is near impossible... It was a real frustration for us."

    These were the words of communication and collaboration platform Mattermost's founder and CTO, Corey Hulen, speaking to The Register about open source, sovereignty and audio bridges.

    "Some of the history of Mattermost is exactly that problem," says Hulen of the issue of closed source software. "We were using proprietary tools – we were not a collaboration platform before, we were a games company before – [and] we were extremely frustrated because we couldn't get our intellectual property out of those systems..."

    Continue reading
  • UK government having hard time complying with its own IR35 tax rules
    This shouldn't come as much of a surprise if you've been reading the headlines at all

    Government departments are guilty of high levels of non-compliance with the UK's off-payroll tax regime, according to a report by MPs.

    Difficulties meeting the IR35 rules, which apply to many IT contractors, in central government reflect poor implementation by Her Majesty's Revenue & Customs (HMRC) and other government bodies, the Public Accounts Committee (PAC) said.

    "Central government is spending hundreds of millions of pounds to cover tax owed for individuals wrongly assessed as self-employed. Government departments and agencies owed, or expected to owe, HMRC £263 million in 2020–21 due to incorrect administration of the rules," the report said.

    Continue reading

Biting the hand that feeds IT © 1998–2022