A DMCA notice that targeted Reddit's /r/jailbreak sub-Reddit earlier this week was fraudulent. Fingers were pointed firmly towards Apple on the basis it had previously targeted a tweet containing an encryption key. However, it now transpires that the notice sent to Reddit was created by an imposter. The targets of this malicious act are now calling on Reddit to share DMCA notices by default, to prevent abuse.
Earlier this week, black clouds began to form over the passionate iOS jailbreaking community. Tolerated by Apple through gritted teeth due to legal protection under the DMCA, the company took the unusual step of sending a DMCA notice targeting a developer’s tweet containing an encryption key.
While that tweet was later restored, the takedown came as a complete surprise and the knock-on effect from this unsettling act would set the scene for the company getting blamed for additional similar acts, this time on Reddit.
In the wake of the Twitter action, a moderator of the /r/jailbreak sub-Reddit revealed that Reddit’s legal team had removed five posts detailing iOS jailbreak releases checkra1n and unc0ver. All of the posts were deleted by Reddit’s admins after receiving a DMCA notice, ostensibly sent by Apple.
What followed was an hours-long information blackout, during which /r/jailbreak’s moderators sought but failed to obtain information from Reddit’s admins. With a credible fear that more notices could be filed and as a result label /r/jailbreak as a repeat offender under the DMCA, its moderators put the forum into lockdown.
Right from the very beginning there was no clear proof that Apple had sent any DMCA notices to Reddit, despite news headlines blaming the tech company for going to war against jailbreakers. It now transpires that waiting for proof would’ve been a more prudent option.
As revealed by checkra1n development team member ‘qwertyoruiopz’, the notice that targeted his project was actually a fake.
And, according to fellow developer ‘axi0mX’, the fake notice wasn’t particularly well constructed either.
“We reviewed it and confirmed that it was someone impersonating Apple. It was not sent from their law firm, which is Kilpatrick Townsend. There are issues with grammar and spelling,” he revealed.
“This notice was obviously not submitted in good faith, and it was not done by someone authorized to represent Apple. Not cool. They could be sued for damages or face criminal charges for perjury.”
Being sued for sending a fake notice sounds like a reasonable solution in practice but history tells us, one particularly notable case aside, that is unlikely to happen. However, it’s clear that more can be done to mitigate the effects of malicious takedowns, starting with more transparency from Reddit’s admins.
While the moderators of /r/jailbreak knew about the complaints early on, they were given no information about who sent them or on what basis. This meant that the people against whom the complaints were made weren’t in a position to counter them, at least with knowledge on their side.
“My personal take on all this is that this should provide plenty of food of thought about the state of copyright laws in the US. A site like Reddit risks losing legal safe harbor protections if they don’t immediately act on such notices,” qwertyoruiopz says.
“Not sharing the notices by default is however very bad policy on Reddit’s end; I would even call this a vulnerability. It allows for nefarious parties to create false-flag takedowns that spark can infighting and has chilling effects (albeit temporary) on non-infringing content.”
There can be little doubt that Reddit takes its DMCA obligations very seriously, so it could be argued that taking down the posts in response to a complaint was the safest legal option. However, if a cursory review of the notices by those targeted revealed clear fraud within minutes, there is a very good case for those notices being shared quickly to ensure that the fraudulent notices don’t have the desired effect.
While Reddit has shown no signs of sharing DMCA notices with the Lumen Database recently, quickly sharing them with those who have allegedly infringed would be a good first step.