[unisog] RIAA in violation of DMCA requirements?

Mark Boolootian booloo at ucsc.edu
Tue Oct 4 17:48:09 GMT 2005

The below is a post made to the Resnet mailing list that talks
about DMCA complaints that we've received from the RIAA and
their lack of a valid digital signature.  In fact, I don't 
believe any of the organizations that have lodged copyright
complaints have ever provided anything that resembled a digital
signature (mediasentry, sony, paramount, universal studios, etc).

It's a bit surprising this issue hasn't received any visibility, 
as it suggests that all these groups are operating in violation 
of the requirements set forth in the DMCA.


Date:         Mon, 26 Sep 2005 18:23:42 -0700
>From:         Jim Warner <warner at cats.UCSC.EDU>
Subject:      RIAA complaint signatures

We have been receiving RIAA complaints that carry an attachment
"signature.cer".  The contents of this attachment is the same on
every message.  It does not contain a signature.  I'd be
interested in hearing from anyone on this list that has
received signed complaints from the RIAA that has verified
the signature.  Below the line is my reading of the law
and why this is important.  I'd be interested to hear any
comments.  Please understand that I'm not a lawyer -- just
trying to get my arms around this stuff.  Thanks.


The DMCA ( HR2281 section 512(c)(3)(A) ) sets out a description
of the elements of a copyright complaint.

The sub-paragraph that follows (  HR2281 section 512(c)(3)(B)(ii) )
explains how to proceed if the signature is missing.  What it
says is that we should complain back to the writer of the
original message if we have a problem with the signature.
If we don't complain, we can't use that later when we need
the safe harbor immunity afforded to service providers.

Said another way, if there's a problem with the signature,
our options are to:

   ask for a good signature


   accept the defective signature as valid

We cannot discard the complaining notice and still maintain
immunity from liability under Section 512.

There is some legal danger for the University for acting on
unsigned complaints.  If we were to harm an innocent user,
the signed complaint upon which we acted would transfer the
liability to the author of the complaining email.  But if the
email is not signed, we are taking the risk for the presumed
author of the document.  That does not seem wise.

I think that what we should do when we receive an unsigned
notice is (1) reply back that the document does not have
an electronic signature and we need one if we're to act,
and (2) notify the user that a complaint has been received.
We should not "take down" or block users or their content
without a signed complaint.

More information about the unisog mailing list