DMCA policy updates #395
DMCA policy updates #395
Conversation
|
|
||
| Please note, our review process for circumvention technology does not apply to content that would otherwise violate our Acceptable Use Policy restrictions against sharing unauthorized product licensing keys, software for generating unauthorized product licensing keys, or software for bypassing checks for product licensing keys. Although these types of claims may also violate the DMCA provisions on circumvention technology, these are typically straightforward and do not warrant additional technical and legal review. Nonetheless, where a claim is not straightforward, for example in the case of jailbreaks, the circumvention technology claim review process would apply. | ||
|
|
||
| As part of our commitment to developers’ rights, when GitHub processes a DMCA takedown under our circumvention technology claim review process, we will offer access to legal providers for the repository owners, to help protect open source developers on GitHub. |
KOLANICH
Apr 29, 2021
This sentence is unclear and needs reformulation.
This sentence is unclear and needs reformulation.
|
This is extremely broad and should be policed by the vendor the not @github. Do not merge. The term "jailbreaking" is usually associated with Apple products only and is extremely important for both keeping Apple products secure and the end-users. Most vulnerabilities in Apple are found using jailbroken products. One such perfect example is the OpenCore bootloader: https://dortania.github.io/OpenCore-Install-Guide/ As a strict good-faith security researcher, who runs a powerful serial number generator for macOS related products that enables researchers to discover flaws in iMessage & Facetime, two critical communication protocols, https://github.com/sickcodes/osx-serial-generator, I have done extensive work in providing access to macOS virtual systems for independent security researchers, and those who can't afford a real mac, but still want to participate in Apple Bug Bounty ($X00,000 bounties). Apple has very strict requirements: https://developer.apple.com/security-bounty/requirements/ that state, You are entirely permitted to violate the EULA of Apple products, if you find and report bugs directly to Apple. In fact, Apple ENCOURAGES you to break the EULA to report bugs to them.
Therefore, @github should not be the one to police another company's EULA. A company's EULA is not the law. Moreover, this has nothing to do with DMCA. In Apple's case, you are given explicit permission that supersedes all other EULAs, so as long as you report the bugs to Apple security team. Another such cases are WordPress plugins which must be released under the GPLv3+ License, and hence, any such serial number generator is absolutely permitted under the license. If GitHub feels like becoming the serial number police and hiring a bunch of lawyers to go through each EULA instead of letting the vendor make their own calls, this would limit productivity in security research and ultimately roll-back any current progress that has been made in bridging Developers with Security. @github should not get involved in policing serial numbers and this should not be merged. https://sick.codes/is-hackintosh-osx-kvm-or-docker-osx-legal/ |
We're opening this PR to incorporate our review process for takedown notices alleging violation of the DMCA related to circumvention technology into our DMCA takedown policies. Note, these changes are not new in practice -- we've been applying this process since announced.
In addition, we are adding an Acceptable Use Policies (AUP) restriction against sharing unauthorized product licensing keys, software for generating unauthorized product licensing keys, or software for bypassing checks for product licensing keys. Related to this, in our DMCA Takedown Policy, we
We'll keep this PR open for 30 days and welcome your feedback. Updates to these policies will go into effect after the 30-day notice and comment period, on May 26, at 5pm US Pacific Time.