11 KiB
Before disabling any content in relation to this takedown notice, GitHub
- contacted the owners of the affected repositories to give them an opportunity to make changes.
- provided information on how to submit a DMCA Counter Notice.
- offered to connect the owners of the affected repositories with legal resources as part of our commitment to standing up for developers.
To learn about when and why GitHub may process some notices this way, please visit our README.
Note: Because the parent repository was actively being forked when this DMCA takedown notice was received, and the submitter had identified all known forks at the time they submitted the takedown notice, GitHub processed the takedown notice against the entire network of 2 repositories, inclusive of the parent repository.
VIA EMAIL
([private])
GitHub, Inc.
Attn: DMCA Agent
88 Colin P Kelly Jr. Street
San Francisco, California 94107
Re: Hosting of infringing “Hoopla-DL” software – GitHub Ticket ID No. 1833140
Dear Sir or Madam:
As you are aware, we are intellectual property litigation counsel for Midwest Tape, LLC (“Midwest Tape”). Midwest Tape provides an online service and mobile software application called HOOPLA. See www.hoopladigital.com. Midwest Tape’s HOOPLA service provides patrons of public libraries with access to digital video, music, audiobooks, e-books, comics and other content via the HOOPLA web site and mobile application. Among other things, the HOOPLA service and application provides users with downloadable ebooks, audiobooks and other audio content for use on their mobile phone, tablet, computer, or television for a limited period of time. The digital content available through the HOOPLA service includes technological measures which limit the duration of the “library loan” of the copyrighted content. After the loan concludes, the digital content is removed and is no longer available on the user’s device.
On October 7, 2022 and October 14, 2022, we submitted notices advising GitHub Inc. (“GitHub”) that an individual named “iconoclasthero” is distributing a software application called “Hoopla-DL” on the GitHub web site at https://github.com/iconoclasthero/Hoopla-DL. This code allows the unauthorized download and decryption of HOOPLA content for personal use, thereby bypassing the technical measures that limit the duration of the “library loan” of the copyrighted content. Indeed, iconoclasthero’s GitHub page brazenly states that the Hoopla-DL program is “[A] PowerShell script that can download and decrypt ebooks, comics, and audiobooks from Hoopla.” Id.
Since submitting our notices, we received a response from GitHub in which it requested that Midwest Tape submit a revised notice that included additional information responsive to the following two questions, with respect to which Midwest Tape responds as follows:
- Describe any technological measures you have in place, and how they effectively control access to your copyrighted material.
Midwest Tape’s HOOPLA digital platform is made available to libraries for use by their authorized cardholders. Users must register with the HOOPLA platform in order to access and use the platform, and Midwest Tape employs DRM security measures to limit users’ access to borrowed content. Hoopla content may be streamed via the HOOPLA digital website, www.hoopladigital.com, or streamed or temporarily downloaded via the HOOPLA digital app for tablets and mobile devices. Midwest Tape’s security measures include code that causes any downloaded content to be automatically removed from the user’s device upon the expiration of the borrow period. On every digital file that Midwest Tape offers through the HOOPLA service, it employs Digital Rights Management (DRM) protection via industry standard AES-128 encryption to prevent users from reading, watching, or listening to the files outside of the permitted use period.
All users are required to agree to Midwest Tape’s Terms and Conditions, which prohibit copyright infringement. Among other things, the Terms and Conditions include the following provisions to emphasize the limited access period and the prohibition on hacking the security features that protect the content on the platform:
All of the Content made available through the Platform is protected by intellectual property rights, including copyright, trademark, trade secret, and/or patent rights (collectively, “Intellectual Property Rights”) of Midwest Tape or its licensors or other third parties.
If you are an authorized Library Patron, you may borrow and view the Content during the designated loan period for your own, personal, non-commercial use only (“Allowed Use”) and, during that limited loan period only . . . All Content is owned or licensed by Midwest Tape, LLC and/or third parties. In all circumstances, you understand and acknowledge that your rights with respect to Content will be limited by copyright law. You agree that you will not attempt to modify any apps, software, or Content accessed through the Platform for any reason whatsoever, including for the purpose of disguising or changing any indications of the ownership or source of the Content.
You represent, warrant, and agree that you are using the Platform for your own personal, noncommercial, entertainment use and not for redistribution or transfer of any kind. You agree not to reproduce, modify, delete, disable, tamper with, redistribute, broadcast, publicly perform, or publicly display any Content, or otherwise transfer any Content accessed through the Platform.
You agree that you will not, for any reason, reverse engineer, decompile, disassemble, or otherwise tamper with any security components, software, usage rules, or other protection measures applicable to the Platform or Content.
The “Hoopla-DL” software located at https://github.com/iconoclasthero/Hoopla-DL purports to set forth a method of circumventing these security measures and constitutes a breach of Midwest Tape’s Terms and Conditions for accessing and using the HOOPLA platform.
- Describe how the accused project is designed to circumvent your previously described technological protection measures.
The “Hoopla-DL” software located at https://github.com/iconoclasthero/Hoopla-DL is advertised as “[A] PowerShell script that can download and decrypt ebooks, comics, and audiobooks from Hoopla.” In fact, it provides an unauthorized tool to a user to deploy a decryption key to remove the DRM protections from the copyright files for unlimited and unauthorized usage. One can see this decryption in the function on line 304 of the posted code.
The sole purpose of the “Hoopla-DL” software is to circumvent the technological measures included with HOOPLA content which limit the user’s use of such content to the “library loan” period. As a result, the Hoopla-DL software violates, among other things, the anti-circumvention provisions of the Copyright Act, 17 U.S.C. § 1201(a)(2)(A) (“No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title”).
iconoclasthero’s unauthorized distribution of software intended to circumvent our client’s technological measures which limit the duration of the “library loan” of the copyrighted content also constitutes a breach of GitHub’s Terms of Service, including without limitation Paragraph C “Acceptable Use” (“Your use of the Website and Service must not violate any applicable laws, including copyright … laws, … or other laws in your jurisdiction”, and “You agree that you will not under any circumstances violate our Acceptable Use Policies …”). See https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#c-acceptable-use. Such activity violates several provisions of the GitHub Acceptable Use Policies, including:
· Paragraph 2: (“We do not allow content or activity on GitHub that: is unlawful or promotes unlawful activities; …”),
· Paragraph 3: (We do not allow content or activity on GitHub that … infringes any proprietary right of any party, including … copyright, … or other right; unlawfully shares unauthorized product licensing keys, software for generating unauthorized product licensing keys, or software for bypassing checks for product licensing keys, including extension of a free license beyond its trial period;…”), and
· Paragraph 5: (“We do not allow content or activity on GitHub that: … uses our servers to disrupt or to attempt to disrupt, or to gain or to attempt to gain unauthorized access to, any service, device, data, account or network”).
See https://docs.github.com/en/site-policy/acceptable-use-policies/github-acceptable-use-policies. This user’s breach of the GitHub Terms of Service constitutes an independent basis to remove the Hoopla-DL software and content from the GitHub platform. See Paragraph D of the Terms of Service (“We have the right to refuse or remove any User-Generated Content that, in our sole discretion, violates any laws or GitHub terms or policies.”).
Accordingly, Midwest Tape demands that GitHub permanently remove the Hoopla-DL software and content from its web sites, including without limitation at:
· https://github.com/iconoclasthero/Hoopla-DL
· https://github.com/iconoclasthero/Hoopla-DL/blob/main/README.md
· https://github.com/iconoclasthero/Hoopla-DL/blob/main/LICENSE
· https://github.com/iconoclasthero/Hoopla-DL/blob/main/hoopla-dl.ps1
no later than Friday, October 28, 2022.
This letter constitutes notice that GitHub is hosting content which violates the Copyright Act. I have read and understand GitHub's Guide to Filing a DMCA Notice. I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law. I have taken fair use into consideration. I swear, under penalty of perjury, that the information in this notification is accurate and that I am authorized to act on behalf of Midwest Tape, the owner of an exclusive right that is allegedly infringed.
Thank you for your prompt attention to this matter. If you have any questions, please call me at [private], or e-mail me at [private].
Sincerely,
/[private]/