Wed 21 June 2023
Tagged: ipfs

I received 3 DMCA takedown emails today, covering 7350 URLs on my hardbin.com IPFS
gateway. The URLs were allegedly serving infringing copies of books.
The strange part is that of those 7350 URLs, during the time for which I have nginx logs,
none of them have ever been accessed, and of the ones that I checked, none even worked.
Does this mean the DMCA takedown notices were fraudulent?

The notices were actually sent to abuse addresses at DigitalOcean and gandi, and I think gandi
forwarded them to me.

I have now taken hardbin.com down completely because dealing with this sort of thing makes it less fun to run and more like hard work, but I do still have a copy of the log files.

I did some bash-fu to extract the IPFS hashes from the emails and grep for them in my nginx logs,
and was surprised to find not a single match.

In case you are interested, I have posted the contents of the takedown notices in github gists:

• https://gist.github.com/jes/51496baaa48610f1b59a39804fd28df9
• https://gist.github.com/jes/597cf1fa84067586c906ac1d8c605f20
• https://gist.github.com/jes/f32147236874ef736be6190c2cce4a3d

Graham pointed me at a
Law.StackExchange thread covering what happens if you send false DMCA takedown notices. The short answer is I think nobody has ever
faced criminal charges, and there have been a very tiny number of civil cases.

The emails are sent from “notice@ciu-online.net”. There is a login form on www.ciu-online.net, but it is incredibly
generic, so it’s hard to work out who is behi