Vague infringement allegations considered harmful

Code is different from other copyrighted works—the code we write usually depends on code written by someone else. One project going dark—due to a DMCA takedown or otherwise—can impact thousands of developers. We saw that firsthand with both leftpad and mimemagic. That’s why GitHub designed its DMCA process to follow the law in requiring takedown requests to identify specific content. We want developers on our platform and elsewhere to have a clear opportunity to remove infringing code yet keep non-infringing code up for others to use, modify, and learn from.

Ensuring that software copyright allegations are specific and actionable benefits the entire developer ecosystem. That’s why GitHub submitted a “friend of the court” brief in the SAS Institute, Inc. v. World Programming Ltd. case before a Federal Court of Appeals.

Nonliteral infringement and creativity

This case is the most recent in a ten-year litigation spanning both the UK and the US. SAS Institute has brought copyright and non-copyright claims against World Programming’s software that runs code written in the SAS language, and the copyright claims drew comparison to the recent Google v. Oracle Supreme Court case.

But this case is different from Google v. Oracle because here the alleged copyright infringement is based on a claim of “nonliteral” infringement. That means there is no allegation that specific lines of code were literally copied, but only that other aspects, like the code’s overall structure and organization, were used. In nonliteral infringement claims, the questions arise: what aspects of the “nonliteral” features were taken and are they actually protected by copyright?

After examining the first question, the court found SAS Institute “simply repeated and repeated that [their system] was ‘creative’” but did not point to any specific examples that would enable the court (or the defendant) to identify which parts were used in order to ultimately determine if those parts were actually protected by copyright. The court ruled for the defendant, leading to this appeal.

What we said

GitHub believes that for claims involving nonliteral copying of software, it is critical that a copyright owner provide—as early as possible—examples that would allow a developer, a court, or a software collaboration platform like GitHub to identify what was claimed to be copied.

Our brief helps educate the court why specificity is especially important for developers. In most cases involving code, infringement allegations never make it to a courtroom—they often start and end with a software owner sending a demand letter to the developer or a DMCA notice to a platform like GitHub. If the allegations are so vague that no one can identify what parts of the code are at issue, there is no chance for meaningful response. This results in a no-win situation for the entire developer ecosystem and can have severe impacts on downstream users.

GitHub submitted its amicus brief to educate the court on why it is important in nonliteral infringement claims to identify examples of infringement at the earliest practicable moment:

• Removing software based on vague infringement claims often has a major impact on the developer community.
• Vague allegations disrupt critical projects.
• Vague allegations remove the chance to quickly remediate legitimate claims of infringement or quickly push back if the claim is misguided.

We urged the court to think about efficiency in dispute resolution to avoid FUD (fear, uncertainty, and doubt). The sooner infringement allegations can be made specific and clear, the sooner infringing code can be changed and non-infringing code can stay up. That should be the result for both federal lawsuits, as well as DMCA infringement notices.

Follow GitHub Policy on Twitter for updates about the laws and regulations that impact developers.

Written by

Justin Colannino

@royaljust