Disguised censorship isn’t a new theme on this blog – we’ve tracked instances over the last few years both in India and abroad where parties have tried to use shields such as defamation (no stranger to this blog, by the way) and copyright as swords to suppress content. The latest episode in this disturbing trend features Airtel, an Israel-based software company called Flash Networks, and blogger-activist Thejesh GN.
Medianama’s Riddhi Mukherjee tells the story:
“Last week, Bangalore-based Thejesh GN had noticed that Airtel was injecting Java script into its users browsing session, without seeking user consent. The screenshots shared by him on a GitHub thread have unfortunately been taken down, after Flash Networks sent a DMCA notice. However, you can see the screenshots here. Apparently the code inserts a toolbar into the user’s browsing session.”
You probably knew where this was going: Thejesh received a cease-and-desist notice, and Github received a DMCA takedown request. Mike Masnick at Techdirt makes two crucial observations on the case. First, the most alarming aspect of the notice is its threat of penal sanction – he’s been accused of criminal copyright infringement, and threatened with punishment. In what seems to be a roundabout way of saying “Don’t mess with us”, Flash Networks’ lawyers have copied the Commissioner of Police and the ADGP in charge of the Cyber Crime Police Station in Bangalore on the notice for good measure. Second, GitHub seems to have taken down the screenshots without notifying him – something the company has vowed not to do.
Of course, as with most other instances of censorship on the internet, the Streisand effect seems to have propelled Thejesh’s findings into the limelight.
Flash’s Copyright Claim
The argument, in essence, is that Thejesh published a snippet of proprietary code belonging to Flash, thus infringing upon their copyright. This claim seems to be questionable on several counts, each of which I will outline below.
Flash seems to have a problem with Thejesh “publishing” the snippet by uploading screenshots to Github. Paragraph 5 of the notice asserts that the code is closed-source, and therefore “no one can use the said code without obtaining license” from Flash. This seems to be a remarkable leap of logic. Closed-source software distribution models are implemented in one of two ways: either the provider keeps the source code outside everyone else’s reach, or he distributes the code to a small group of pre-approved recipients (licensees/clients) while inserting non-disclosure provisions into the license that become actionable upon breach. In this case, Flash has obviously not taken the first route (the snippet is visible to anyone who bothers to hit Ctrl + U on a browser), and it’s safe to assume that Thejesh has no contractual obligation towards Flash to keep the code he found to himself, in the absence of any legal relationship between them.
What’s more problematic, however, is the mischaracterisation of Thejesh’s “publication” of the snippet. Section 3 of the Copyright Act, 1957, for example, acknowledges that publication of a work occurs when it is made available to the public. The distinction here is between availability and access. The snippet was always available – in that sense, it Thejesh cannot be said to have “published” the code because it was always there for an interested viewer to read and examine. By putting out screenshots and pointing out the code to his sizeable Twitter following, Thejesh did not influence the availability of the code, but merely enabled greater access to it. In fact, he even did his best to attribute the code to its source. If such conduct is to be viewed as publication that infringes upon copyright, then Medianama could probably send me a similarly worded cease-and-desist for infringing upon Riddhi Mukherjee’s copyright by “publishing” his work without permission. To illustrate further, let’s extend this sort of claim to a non-software scenario. Let’s say the Ambedkar Periyar Study Circle at the Indian Institute of Technology, Madras drafts a pamphlet and puts it up in a publicly accessible noticeboard at the Institute. If we were to buy Flash’s claim, it would follow that copyright law could prevent me from taking a picture of this pamphlet and tweeting it for the purpose of holding a discussion on caste in India. In a nutshell, extending Flash’s argument to its logical conclusion, anyone who views and screenshots a webpage’s source code would be guilty of copyright infringement.
- Fair dealing
Even if Thejesh’s actions, prima facie, amounted to publishing an infringing copy of the code, he has several readily available defences. First off, there’s Section 52(1)(ac) of the Copyright Act, which provides that “the observation, study or test of functioning of the computer programme in order to determine the ideas and principles which underline any elements of the programme while performing such acts necessary for the functions for which the computer programme was supplied” shall not constitute infringement. The essence of Thejesh’s screenshots and tweets was the identification of the underlying principle of the snippet, and the highlighting of what can only be described as a Man In The Middle exploit inserted by Airtel or its partners unknown to its customers.
Similarly, another possible defence could lie in Section 52(1)(b) of the Act, which provides that a fair dealing of a copyrighted work (by means of photographs or otherwise) for the purpose of reporting current events would not constitute infringement. Thejesh’s actions seem to be squarely covered by this provision, since it’s quite clear that his only motivation in uploading screenshots was to report on Airtel’s practice, bringing it to the public’s attention.
A more interesting, although more tenuous defence presents itself in the form of Section 52(1)(t), which exempts the “making or publishing” of any work of artistic craftsmanship, if such work is permanently situated in premises to which the public has access. The challenge, of course, is whether a snippet of code would qualify as a work of artistic craftsmanship, but there certainly seems to be a principled argument in favour of Thejesh’s actions here.
As Medianama’s report states, Airtel has claimed total ignorance of the matter, claiming that one of its “network vendor partners” was responsible for the offending code.
Edit (18 June 2015): Lawrence Liang of the Alternative Law Forum has sent out a formal reply to Flash Networks on behalf of Thejesh. In it, he argues that Thejesh is well within his rights because of the provision in Section 52(1)(ac) of the Copyright Act. You can view a copy of the reply on Thejesh’s website here.