There are a number of different tools out there that let you download YouTube videos. These tools are incredibly useful for a number of reasons and should be seen as obviously legal in the same manner that home video recording devices were declared legal by the Supreme Court, because they have substantial non-infringing uses. But, of course, we’re in the digital age, and everything that should be obviously settled law is up for grabs again, because “Internet.”
In this case, a company named Yout offered a service for downloading YouTube video and audio, and the RIAA (because, they’re the RIAA) couldn’t allow that to happen. Home taping is killing music, y’know. Rather than going directly after Yout, the RIAA sent angry letters to lots of different companies that Yout relied on to exist. It got Yout’s website delisted from Google, had its payment processor cut the company off, etc. Yout was annoyed by this and filed a lawsuit against the RIAA.
The crux of the lawsuit is “Hey, we don’t infringe on anything,” asking for declaratory judgment. But it also seeks to go after the RIAA for DMCA 512(f) (false takedown notices) abuse and defamation (for the claims it made in the takedown notices it sent). All of these were going to be a longshot, and so it probably isn’t a huge surprise that the ruling was a complete loser for Yout (first posted to TorrentFreak).
But, in reading through the ruling there are things to be concerned about, beyond just the ridiculousness of saying that a digital VCR isn’t protected in the same way that a physical one absolutely is.
In arguing for declaratory judgment of non-infringement, Yout argues that it’s not violating DMCA 1201 (the problematic anti-circumvention provisions) because YouTube doesn’t really employ any technological protection measures that Yout has to circumvent. The judge disagrees, basically saying that even though it’s easy to download videos from YouTube, it still takes steps and is not just a feature that YouTube provides.
The steps outlined constitute an extraordinary use of the YouTube platform, which is self-evident from the fact that the steps access downloadable files through a side door, the Developer Tools menu, and that users must obtain instructions hosted on non-YouTube platforms to explain how to access the file storage location and their files. As explained in the previous section, the ordinary YouTube player page provides no download button and appears to direct users to stream content. I reasonably infer, then, that an ordinary user is not accessing downloadable files in the ordinary course.
That alone is basically an attack on the nature of the open internet. There are tons of features that original websites don’t provide, but which can be easily added to any website via add-ons, extensions, or just a bit of simple programs. But, the judge here is basically saying that not providing a feature in the form of a button directly means that there’s a technological protection measure, and bypassing it could be seen as infringing.
Yikes!
Of course, part of DMCA 1201 is not just having a technological protection measure in place, but an effective one. Here, it seems like there’s an argument that it’s not a strong one. It is not at all a strong protection measure, because basically the only protection measure is “not including a download button.” But, the court sees it otherwise. Yout points out that YouTube makes basically no effort to block anyone from downloading videos, showing that it doesn’t encrypt the files, and the court responds that it doesn’t need to encrypt the files, because other technological protections exist, like passwords and validation keys. But, uh, YouTube doesn’t use either of those either. So the whole thing is weird.
As I have already explained, the definition of “circumvent a technological measure” in the DMCA indicates that scrambling and encryption are prima facie examples of technological measures, but it does not follow that scrambling and encryption constitute an exhaustive list. Courts in the Second Circuit and beyond have held that a wide range of technological measures not expressly incorporated in statute are “effective,” including password protection and validation keys.
So again, the impression we’re left with is the idea that if a website doesn’t directly expose a feature, any third party service that provides that feature may be circumventing a TPM and violating DMCA 1201? That can’t be the way the law works.
Here, the court then says (and I only wish I were kidding) that modifying a URL is bypassing a TPM. Let me repeat that: modifying a URL can be infringing circumvention under 1201. That’s… ridiculous.
Moreover, Yout’s technology clearly “bypasses” YouTube’s technological measures because it affirmatively acts to “modify[]” the Request URL (a.k.a. signature value), causing an end user to access content that is otherwise unavailable. … As explained, without modifying the signature value, there is no access to the allegedly freelyavailable downloadable files. Accordingly, I cannot agree with Yout that there is “nothing to circumvent.”
Then, as Professor Eric Goldman notes, the judge dismisses the 512(f) claims by saying that 512(f) doesn’t apply to DMCA 1201 claims. As you hopefully remember, 512(f) is the part of the DMCA that is supposed to punish copyright holders for sending false notices. In theory. In practice, courts have basically said that as long as the sender believes the notice is legit, it’s legit, and therefore there is basically never any punishment for sending false notices.
Saying that 512(f) only applies to 512 takedown notices, and not 1201 takedown notices is just yet another example of the inherent one-sidedness of the DMCA. For years, we’ve pointed out how ridiculous 1201 is, in which merely advertising tools that could be used to circumvent a technical protection measure is considered copyright infringement in and of itself — even if there’s no actual underlying infringement. Given how expansive 1201 is in favor of copyright holders, you’d think it only makes sense to say that bogus notices should face whatever tiny penalty might be available under 512(f), but the judge here says “nope.” As Goldman highlights, this will just encourage people to send takedowns where they don’t directly cite 512, knowing that it will protect them from 512(f) responses.
One other oddity that Goldman also highlights: most of the time if we’re thinking about 1201 circumvention, we’re talking about the copyright holder themselves getting upset that someone is routing around the technical barriers that they put up. But this case is different. YouTube created the technical barriers (I mean, it didn’t actually, but that’s what the court is saying it did), but YouTube is not a party to the lawsuit.
So… that raises a fairly disturbing question. Could the RIAA (or any copyright holder) sue someone for a 1201 violation for getting around someone else’s technical protection measures? Because… that would be weird. But parts of this decision suggest that it’s exactly what the judge envisions.
Yes, some may argue that this tool is somehow “bad” and shouldn’t be allowed. I disagree, but I understand where the argument comes from. But, even if you believe that, it seems like a ruling like this could still lead to all sorts of damage for various third party tools and services. The internet, and the World Wide Web were built to be module. It’s quite common for third party services to build tools and overlays and extensions and whatnot to add features to certain websites.
It seems crazy that this ruling seems to suggest that might violate copyright law.
The biggest problem is that if you don’t download the video to your device, you can’t actually watch it, so YouTube is designed to allow you to download the video.
(@AlinejadMasih) October 8, 2022
(@AlinejadMasih) 
