A malware researcher based in the U.S. has been kicked off the cloud-based hosting service MediaFire after compressed and encrypted Windows patches and malware samples she stored on its site were flagged as copyrighted material. The researcher, Mila Parkour, reported on her Contagio malware blog after receiving notification that her account on MediaFire had been suspended and content she posted had been flagged and removed for violations of the U.S. Digital Millennium Copyright Act (DMCA).
The action against Ms. Parkour was instigated by a complaint from a French company called LeakID which describes itself as a “digital agency …founded by experts from the world of radio, television and Internet.” LeakID markets a service called “Leaksearch” as an “ownership tool that will alert you within seconds if your content is being pirated.”
According to Ms. Parkour, MediaFire received a notice from LeakID claiming that it was “acting on behalf of the copyright owners,” even though the owners and presumed copyrighted content weren’t named. Under the rules of the DMCA, organizations which receive notices of copyright infringement must prevent the file from being shared, regardless of the legitimacy of the complaint.
It appears the system has fallen down badly here and in the process yet another innocent party has fallen victim. Yes, a 100% mistake-proof system is nigh on impossible to achieve but it seems to me that the emphasis is all wrong. The way it stands now, if a mistake is made, the alleged infringing party has an avenue of recourse available via submitting a counterclaim but, in my opinion, that is merely shifting the onus of proof. In a society where citizens are generally considered innocent until proven guilty is it not incongruous that the opposite should apply in cases where copyright issues are concerned? Surely it should be incumbent on someone, perhaps the sites involved, to substantiate claims prior to taking any punitive action.
Apparently what we have here, compliments of the DMCA, is a law which advocates a ‘shoot now and ask questions later’ policy.
So, given the apparent potential for surrendering control and ownership of uploaded data, would you consider entrusting your personal data to the cloud?