Thanks Vivek for responding. Speaking as one of the maintainers of SymPy (who received the DCMA takedown request by email) I would like to note some points:
1. If you do a web search for "HackerRank DMCA" you will find similar examples of this that have happened in the past (with exactly the same text).
2. The text of the request is not in any way designed to enable a reasonable response. No detail is given about what the infringing content is so there is no way to comply.
3. It is also clear from this and previous cases that whatever process is used to identify potential targets for DMCA yields false positives and no reasonable judgement seems to be applied in whether or not to issue a takedown request.
I also think that GitHub's processes are faulty here:
1. We were given one business day to reply. I replied within 2hrs to say that the request was obviously spam and then sought legal advice. The repo (and website) were shut down before we could get legal advice. One day is nowhere near enough time. The request came in on Thursday night (UK time) and in the UK both Friday and Monday are public holidays this weekend. I don't even know what one "business day" means in this situation.
2. GitHub gives some guidance for how to submit a counter claim but none of the information is applicable to a case like this where so little information is given that is simultaneously impossible to comply with the request and impossible to dispute it. If GitHub makes it this easy to spam DMCA requests then they should also provide some guidance for how to deal with spam requests.
I wonder if the FSF or someone else can come up with a good template response to DMCA requests that just don't have enough information in them. If the request doesn't even explain how you could comply then it should be possible to respond to that in a blanket fashion.
Oscar, thank you for responding and I'm terribly sorry for the disruption this has caused. I should have taken this more seriously when it sprung up on HN the first time but for whatever reason we just fixed that problem and moved on. This is a serious one and we are working on a strategy that is sustainable.
Meanwhile, if we need to make a monetary contribution for your effort or anything more we could do to promote, what would be the best way to do it? If you'd like to send me an email to discuss further, I'm available at vivek at hackerrank
If you don't want to utterly destroy your company's reputation and have every company that depends on Python or other critical open source infrastructure boycotting you, you need to stop. Just stop. Don't send out any DMCA notices at all, not unless you encounter a case of infringement so blatant that it is obvious to all. And then make the decision yourself, don't contract it out. The risk of damage to others and blowback to you is too great. You're risking the failure of your company if something like this happens another time after two high-profile cases; damage to your company could be that bad.
And here's the thing: if there's a match between the SymPy Docs and something you consider yours, the copying was quite likely in the reverse direction: the solution you claim copies something out of the SymPy documentation (which is legal, but it isn't yours).
> stop. Just stop. Don't send out any DMCA notices at all, not unless you encounter a case of infringement so blatant that it is obvious to all. And then make the decision yourself, don't contract it out.
?
Sounds great - did you make similar promises last time?
1. If you do a web search for "HackerRank DMCA" you will find similar examples of this that have happened in the past (with exactly the same text).
2. The text of the request is not in any way designed to enable a reasonable response. No detail is given about what the infringing content is so there is no way to comply.
3. It is also clear from this and previous cases that whatever process is used to identify potential targets for DMCA yields false positives and no reasonable judgement seems to be applied in whether or not to issue a takedown request.
I also think that GitHub's processes are faulty here:
1. We were given one business day to reply. I replied within 2hrs to say that the request was obviously spam and then sought legal advice. The repo (and website) were shut down before we could get legal advice. One day is nowhere near enough time. The request came in on Thursday night (UK time) and in the UK both Friday and Monday are public holidays this weekend. I don't even know what one "business day" means in this situation.
2. GitHub gives some guidance for how to submit a counter claim but none of the information is applicable to a case like this where so little information is given that is simultaneously impossible to comply with the request and impossible to dispute it. If GitHub makes it this easy to spam DMCA requests then they should also provide some guidance for how to deal with spam requests.
I wonder if the FSF or someone else can come up with a good template response to DMCA requests that just don't have enough information in them. If the request doesn't even explain how you could comply then it should be possible to respond to that in a blanket fashion.