Curious if anyone with legal expertise knows if this has legs? They say:
> The clear purpose of this source code is to (i) circumvent the technological protection measures used by authorized streaming services such as YouTube, and (ii) reproduce and distribute music videos and sound recordings owned by our member companies without authorization for such use.
But the "circumventing" is still accessing a stream the user can view anyways, and the "reproduce and distribute" feels like a stretch -- there's no inherent distribution. This isn't anything like a pirating or a torrenting tool.
It feels more akin to when movie studios sued VCR manufacturers for being able to record TV back in 1984 -- and lost [1].
(Also, side note but I have never in my life seen a story upvoted so quickly on HN. 130 points in just 7 minutes so far.)
Also, does the fact that YouTube doesn't supply a download feature constitute a "technical protection measure"?
From the RIAA's point of view, it works to their benefit that a download link doesn't exist, and it may be something they like, but that doesn't mean that's why.
It could just as easily be that a download feature doesn't exist because YouTube wants you to keep returning to their site if you want to rewatch a video.
It would be one thing if some YouTube videos had a download button and others didn't. That would suggest that, on the ones where it's missing, it is missing for a reason, and that reason might be DRM. But as far as I know, YouTube doesn't have download for any videos.
Software doesn't always have all the features that end users might want, and the mere absence of a feature doesn't necessarily tell you why it's missing. Also, it's not some weird, suspicious thing to write software which fills in a feature gap in some other software. (Google encourages add-on software on other products, too. For example, Chrome extensions and Gmail add-ons.)
But, maybe there is some legal reason why this could make sense. Maybe some terms of service or licensing (for video uploaders or for regular end users) says not to download something, which would make it clear that the download feature is missing on purpose.
> Also, does the fact that YouTube doesn't supply a download feature constitute a "technical protection measure"?
My understanding is that basically anything at all, if it is in any way "technical" and shows intent, will be accepted as a "technical protection measure" if you go by what has worked so far.
Much more absurd and blatantly bad faith arguments have been accepted, "conspicuously not supplying the feature" is a very strong case in the absurd world of the DMCA cases.
That is not the argument, though. Your copyright is protected regardless of the strength of your security measures. But it is also, separately, illegal to circumvent these measures. This latter prohibition becomes more far-reaching and has more collateral damage the weaker the security measures it applies to, which is worrying.
Outlawing the methods of committing a crime also (instead of just the crime) requires a balancing act between their legitimate and illegitimate uses, which seems precariously absent when talking about technically laughable “security measures” that can be circumvented by pressing F12.
But the trick is to put a crap lock around both something that can be copyrighted but is unimportant and things that cannot be copyrighted.
Now all legal uses of everything behind that lock are illegal for circumvention reasons.
It's a way to apply the DMCA to literally anything digital. The quality of the software doesn't matter, because it isn't for security, just a legal hack.
The fact that youtube wants people to come back to the site and use servers, miles of wires, electricity, network machinery instead of letting them download videos so they can watch them from thumbdrive just says to me this company is unethical and harms environment. Any business model that forces people to be on the network without any reason other than greed, should be illegal. If you can stream the file, download option should be mandatory by law.
People forget that Youtube is a _business_. The reason they maintain all of those servers and network machinery is to serve ads, otherwise why would they provide that service for free?
How is it possible to legislate electricity caps on google, according to some imagined threshold of "harm to environment"? Sounds like the number of lawyers involved would be the real harm in this scenario.
All businesses run on financial incentives (or what you call 'greed'). How is it possible that profit motive and associated laws that facilitate buying/selling be written off as unethical?
I have YT premium and an android phone so I checked this out. It looks like they don't store a single mp4 or anything and instead store it in chunks. I am not sure though if they are actually encrypted and stored using some sort of copy protection or if you could assemble the pieces into a single video using some algorithm without a special key.
I would guess it’s similar to the chunking they do when streaming in the first place. Assembling the pieces is one of the main functions of youtube-dl.
Youtube does have a "download" feature in YouTube studio. Where you can download a heavily compressed version of any video you've uploaded. But only videos you've uploaded.
The data obviously must make it to your computer. A distinction that can be made is whether it is possible/easy to use it separately, outside of YouTube.
They come as regular media files, the chunking would cause issues for most people but it's easy to view. I don't think difficulty is what is important though, what matters is if they were to need some kind of decrypter from the copyright holder.
> Also, does the fact that YouTube doesn't supply a download feature constitute a "technical protection measure"?
The law is so vague on this point so as to include practically anything. Here is the text:
> a technological measure “effectively controls access to a work” if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.
As mentioned in the notice, the RIAA is specifically claiming youtube-dl's deobfuscation of youtube's request signatures is what's infringing, which a german court ruled to be an effective technological protection measure.
> It could just as easily be that a download feature doesn't exist because YouTube wants you to keep returning to their site if you want to rewatch a video.
Lets be clear though - the only reason copyrighted material is allowed on Youtube is because the owners then grant a license for the content in exchange for ad revenue. Offering a download link severly damages the "owners are paid for their content" part of the equation.
This is true and still applies in the case where you pay for YouTube Premium. Even if you use YouTube Premium you are also helping pay the content creators [1]
> # How YouTube Premium supports creators.
> Creators are the heart and soul of YouTube. To make sure they're compensated for their work, we share ad revenue with them when you watch ads on YouTube. If you're a YouTube Premium member, you won't see ads, so we share your monthly membership fee with creators. Best of all, the more videos you watch from your favorite creators, the more money they make.
So, to reply to the gp you technically aren’t just paying “evil” and “greedy” big corps, but your also helping all the YouTubers.
You are able to download YouTube videos on your phone, if you subscribe to YouTube premium. I haven’t made any deep investigation of this but I kinda assume the videos are protected by DRM.
My argument is that the URL address for the HLS stream you access is not in clear text in the html code youtube sends you. Javascript code is executed to decode it (which changes constantly, hence the need for youtube-dl to be updated constantly) and that is a form of DRM which youtube-dl breaks.
In that case every OSS project is in some way DRM:ed since they require a compiler, interpreter or some specific instruction set to run. That is not at all how the term DRM is used, and if you want to think of it that way you should also know that when speaking to others they have another definition of what DRM is.
As I said it is as encrypted (no less, no more) as all other https traffic. Please note that normal https does no verification of the client, the client verifies the server not the other way around (client verification is of course possible but almost no public sites use it). So the encryption in this case verifies that the content comes from youtube or other sites that it supports but youtube itself does no attempt at verification of the client. This is in contrast to real DRM where the content is encrypted in such a way that it is hard to decode it without running the Content Decryption Module, which are proprietary plugins and that can check HDCP and similar ways to only allow playback on "trusted" devices.
Hmm, so maybe it's legally enough if YouTube does have a protection mechanism and the material is copyrighted, even if the protection mechanism isn't necessarily intended to protect copyright?
The entire IP concept is really hard to make sense of with the web: a browser works by making a local copy of a remote resource and then making that local copy available to the user. I don’t see why, from the server’s perspective, the precise client matters: if I use curl + pandoc to read your webpage, is that really meaningfully different from using Firefox or Chrome?
> is that really meaningfully different from using Firefox or Chrome?
In the USA legally it is because the vast majority of the judges that have ruled on these things think anything that isn't a browser is a hacking tool. Using wget is enough to get you thrown in federal prison for accessing public web resources.
The crime was not that he used wget, it’s that after he was banned from the service he used a server closet he was not permitted to access to continue downloading. Still bullshit but it’s not even close to wgetting a public resource
Edit: no, it’s a private land grant university. What kind of socialism is this, anyway? How is this structure even valid, if not for historical precedent?
Nothing against socialism or even my point, really. Just very odd to see how blatantly discriminatory and contradictory this seems to have a private university performing a necessary public service, with free land from the state. Not that the work isn’t well done, or anything. Just bears strict scrutiny.
Nope, you needed to be on the MIT network. He argued that they should be public, which is very much NOT the same thing as actually being public in the eyes of the law.
I was interpolating, the article implies wget but I didn’t mean to imply I had verified that or anything. I’ll admit I did make a stronger statement than intended and was relying on third party interpretations of the code. Thanks for the clarification!
I think weev may have used wget in his AT&T work where he discovered links or interactions between customer data and iOS in an AT&T subsite?
The true purpose of the DCMA is to control the distributors via the use of tools like DRM.
The fact that you can view music on YouTube at all is something of an anomaly. The recording industry would love to dispense with YouTube entirely if they could.
> The clear purpose of this source code is to (i) circumvent the technological protection measures used by authorized streaming services such as YouTube, and (ii) reproduce and distribute music videos and sound recordings owned by our member companies without authorization for such use.
But the "circumventing" is still accessing a stream the user can view anyways, and the "reproduce and distribute" feels like a stretch -- there's no inherent distribution. This isn't anything like a pirating or a torrenting tool.
It feels more akin to when movie studios sued VCR manufacturers for being able to record TV back in 1984 -- and lost [1].
(Also, side note but I have never in my life seen a story upvoted so quickly on HN. 130 points in just 7 minutes so far.)
[1] https://en.wikipedia.org/wiki/Sony_Corp._of_America_v._Unive....