AI And Cybersecurity: A Glass Half-Empty/Half-Full Proposition, Where The Glass Is Holding Nitroglycerin

(Mis)Uses of Technology

from the yikes dept

First, some of the good news: certain AI models—currently Anthropic’s Mythos, but surely others are well on their way if they haven’t already arrived—turn out to be really good at finding cybersecurity vulnerabilities. As Anthropic itself reported:

During our testing, we found that Mythos Preview is capable of identifying and then exploiting zero-day vulnerabilities in every major operating system and every major web browser when directed by a user to do so. The vulnerabilities it finds are often subtle or difficult to detect. Many of them are ten or twenty years old, with the oldest we have found so far being a now-patched 27-year-old bug in OpenBSD—an operating system known primarily for its security.

That’s quite the tool, if it can help find vulnerabilities so that they can be patched.

But it’s also quite the tool to help find vulnerabilities so that they can be exploited. Like so many tools, including technological tools, whether they are good or bad depends entirely in how they are used. A hammer is a really helpful tool for building things, but it also smashes windows. And with this news, AI now has the capability for some really destructive uses.

To try to prevent them, Anthropic is working with some of the largest tech companies in the world to let them use a preview of its model on their own software to help QA them and proactively patch vulnerabilities. As Casey Newton reports:

Anthropic announced Mythos alongside Project Glasswing, an initiative with more than 40 of the world’s biggest tech companies that will see Anthropic grant early access to the model to find and patch vulnerabilities across many of the world’s most important systems. Launch partners in the coalition include Apple, Google, Microsoft, Cisco and Broadcom.

They’ll be tasked with scanning and patching their own systems along with the critical open-source systems that modern digital infrastructure depends on. Anthropic is giving participants $100 million in usage credits for Mythos, and donating another $4 million to open-source security efforts.

This sounds like a great program. It also should be noted that the Mythos model is not consumer-grade AI; it takes expensive, dedicated infrastructure to run, which means that, at least for the moment, there’s not an imminent danger of it being misused. But trouble is nevertheless brewing, and someday it will be here, which raises certain questions, like:

(A) What about other AI models, which will inevitably be similarly powerful? What if they are produced by less ethical companies, who would have no compunction against rogue actors using their systems in destructive ways that Project Glasswing won’t have intercepted?

(B) And what about every single legacy technology system in use, which Project Glasswing is unlikely to be able to retroactively fix? Large, resourced companies may be able to weather the on-coming storm, but what about your local dentist office? Or a hospital? Municipal IT systems? Networked technology is everywhere, and these smaller businesses and institutions are likely to both have older, unpatched technology and also fewer resources to update and secure them, or deal with the consequences of a hack, which can be devastating for the business or the people they serve.

On the other hand, there does seem to be one other bit of good news with this revelation: governments, including that of the United States, have often engaged in the dubious practice of hording zero-days, or collecting information about vulnerabilities that they then kept secret so that they could exploit them themselves by using them on an adversary. For those unfamiliar, “zero-day” refers to a vulnerability that has yet to be disclosed, which is why it’s on “day zero,” or before the first day of it being a known vulnerability that could now be fixed.

Mythos’s capabilities would seem to obviate this strategy, because suddenly the stash of unknown vulnerabilities isn’t really going to be such a secret, since anyone using the model will be able to find them. Mythos’s existence changes the balance of interests, where the stronger national security play by the government would be to disclose any discovered vulnerability to the vendor as soon as possible so that they can be patched and our nation’s systems more secured. Arguably that was always the better national security play, but now there’s definitely no upside to trying to keep them secret because it now definitely needs to be presumed that adversaries will be able to find and exploit them. They’ll have the tools.

With these AI models we’re going to need to presume that everyone is going to have the tools to know about every vulnerability. Up to now there has been at least the illusion of some security, because vulnerabilities couldn’t be exploited if no one knew about them, and finding vulnerabilities is hard. But now that it will be easy, the risk to the nation’s cybersecurity is greater than we have ever before contended with.

It is also not really a great harbinger that we know about Mythos because… a copy of the software got leaked. It’s just the software that was leaked and not the models it uses to tune its “reasoning,” which means that anyone trying to now build their own Mythos is still missing an important piece if they want to mimic its full capabilities, but they would have a lot. Which is probably why Anthropic has been sending DMCA takedown notices to have the leaked software removed from the Internet.

But doing so raises a related issue: the role of copyright law when it comes to “vibe coding,” or “having an AI system write the software rather than a programmer, just by instructing it on what to do. It’s especially important in light of the cybersecurity concerns always raised by software (and including vibe-coded software, as we’re having to trust that what’s produced does not have vulnerabilities). Copyright requires a human author, which raises the question: can software written by an AI be copyrightable? The answer would appear to be no, unless there was a great deal of creative effort on the part of a human being to instruct the AI or modify the output. But as Ed Lee chronicled, per Anthropic itself, even its own software (“pretty much 100%”) is being written by AI. And if that’s the case, then Anthropic has no business sending takedown notices for its software because DMCA takedown notices are only for demanding the removal of copyrighted works, which, it would appear, Anthropic’s own code does not qualify for.

But maybe it’s better if software stops being subject to copyright. “Vibe coding,” is becoming increasingly efficient, to the point that there is likely no need for copyright to incentivize its authorship. Instead, what public policy really needs to emphasize is that whatever software is produced is secure software. But in many ways copyright obstructs that goal, like through its lengthy terms, which mean that while a copyright holder might not still be maintaining its older software, no one else can maintain and patch it either, without potentially infringing the software’s copyright.  Or through its privileged secrecy (unusually for copyright, when it comes to software you don’t actually have to disclose all the actual code to register a copyright in it!) and other powers to lock out security research efforts, like through Section 1201 of the DMCA, when such efforts aren’t specifically supported by the developer–assuming the developer supports any security testing at all, as right now there aren’t necessarily the incentives to make them care about it.  Instead public policy has given them the ability, like with copyright, to escape oversight of the security of their software products, even as those products end up embedded in more and more of our lives.

It’s time to change that focus and get copyright out of the way of making software security our top policy priority.

And fast.

Filed Under: ai, claude, claude code, copyright, cybersecurity, mythos, project glasswing, vulnerabilities, zero days
Companies: anthropic

Daily Deal: Luminar Mobile for iOS And Android

Deals

from the good-deals-on-cool-stuff dept

Luminar Mobile is your all-in-one creative companion designed for iOS, Android OS, and Chrome OS. Powered by an intuitive, touch-responsive interface, it lets you enhance photos effortlessly—anytime, anywhere. Whether you’re adjusting lighting, perfecting portraits, or adding artistic flair, Luminar Mobile delivers pro-level results in the palm of your hand. It’s on sale for $20.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Filed Under: daily deal

No Surprise Here: Inspection Reveals Dozens Of Violations In El Paso ICE Detention Center

Failures

from the fuck-em-for-being-human-beings,-I-guess dept

I’m not here to cut the Trump administration any slack or engage in both-sides bullshit, but this is something that has always been true: we treat anyone imprisoned or detained as less than human. The dehumanization begins with something we call “processing” — a word that separates a human from their humanity by making them sound like nothing more than paperwork.

The horrors seen in jails and prisons are often compounded at immigrant detention facilities. While some duty of less-than-minimal care might be extended to imprisoned US citizens, it’s far more often ignored when federal officers believe (mistakenly) that migrants aren’t protected by the Constitution.

The litany of violations stretches back forever. Techdirt doesn’t stretch back quite that far, but let’s take a stroll down memory lane.

From 2022, back when Biden was still in office and people like me were thinking no one would ever elect Trump to office again:

ICE’s ‘Fierce Commitment’ To Ensuring Detainees Are Cared For Properly Includes Inadequate Staffing, Unsanitary Facilities

That’s taken from a report demanding (“Management Alert”) the immediate removal of all detainees from this New Mexico detention center due to numerous violations, including a shortage of 112 employees and no less than 83 cells with “inoperable” sinks and toilets.

Going back further to Trump’s first administration:

Report Shows ICE Almost Never Punishes Contractors Housing Detainees No Matter How Many Violations They Rack Up

In this Inspector General’s report, we learned that only 28 of 106 contractors were provided with the tools needed to meet minimum “performance standards.” We also learned that the $3.9 billion being thrown to private contractors was shored up by absolutely no level of accountability. ICE approved 96% of waivers requested by contractors who failed to meet minimum housing standards for detainees.

While it’s been a persistent problem, things are significantly worse now. The Trump administration is detaining more migrants than ever before. It’s also far more willing to pawn these duties off on private prison contractors who prioritize making money over taking care of the people thrust into their care by Trump’s top bigots.

On top of that, the administration is fighting wars on several litigation fronts in hopes of preventing any form of oversight from slowing its roll towards total migrant annihilation. Everything that was bad before is getting so much worse.

Thanks to the White House Merchant of Death, RFK Jr., measles outbreaks are being reported at detention facilities. Thanks to absolutely every-fucking-body else in the administration, reports of inhumane conditions are somehow still on the rise, even after years of regularly reported inhuman conditions at ICE facilities.

Here’s even more. At a facility where guards were caught setting up suicide “death pools” for inmates, more evidence of deliberate cruelty and inhumane treatment has surfaced. The host of ongoing atrocities is none other than Camp East Montana, comfortably nestled in the heartland of the “who gives a fuck about immigrants” Fifth Circuit: El Paso, Texas.

Here’s the New York Times with the details of more man’s inhumanity to man, as personified by “immigration enforcement” forces of Trump’s second term.

An inspection in February of Camp East Montana in Texas, one of the country’s largest immigration detention centers, found dozens of violations of national standards, including instances that may have exposed detainees to illnesses and uses of force that were not documented, a new report found.

[…]

The inspection, which was carried out by the agency over three days in February and included interviews with 49 detainees, found that there were at least 49 overall “deficiencies” from national standards at the camp. Of all the deficiencies, 22 involved use of force and restraints, and five involved issues related to medical care. 

ICE actually released this inspection report. However, it did make sure names were changed redacted to protect the innocent guilty. While it’s uncharacteristically protective of the inspectors, it also makes sure we may never know which “Creative Corrections” employees helped make this detention center the hell hole it is.

Other censorship by the administration deliberately denies Americans access to the facts. What possible purpose is served here, other than allowing the government to pretend its rights violations were somehow excused by the [redacted] passage of time?

The government not only censored the number of detainee files reviewed, but also the ratio of files in noncompliance. What escapes ICE’s black-boxed attempts to redeem itself is this, which is plenty damning on its own:

[I]nitial classification process and initial housing assignments were not completed within 12 hours of detainees’ admission […]; rather they were completed 14 hours to 25 days after [admission]…

Everything that might show how often (or how frequently) violations occurred has been removed. It’s a deliberate muddying of the statistical waters. Who knows what’s behind the black box? It could mean rights were violated 10% of the time. Or it could mean rights were violated almost every time. But we the people — you know, the ones expected to foot the bill for this bullshit — aren’t allowed to know the actual details of what’s being done in our names.

If the government wants to play it that way, fine. We’ll just assume the worst and dare it to provide evidence to the contrary. And we know it never will. If or when the government decides to unredact this report, it will undoubtedly show us what we’ve always assumed: The administration and its contractors routinely abused detainees and violated their rights because the people in charge made it clear they don’t consider migrants to be humans.

And that makes this news as inevitable as it is deplorable:

So far this year, 14 people have died in U.S. Immigration and Customs Enforcement custody, including a Mexican man who was found unresponsive last week at a facility outside Los Angeles, according to data from the Department of Homeland Security.

If that seems like a low (or worse, an acceptable) number of deaths, think again:

In 2025, ICE reported 33 total in-custody deaths and in 2024 there were 11.

Deaths in ICE custody tripled under Trump during his first year back in office. If this pace continues, we’ll be looking at 56 in-custody deaths, which would nearly double the same number Trump managed to triple in 2025.

This will only get worse. The administration is still trying to buy up any warehouses it can to repurpose as detention centers. The workload is being stretched even thinner, leaving private citizens more poorly trained than current ICE officers in charge of the lives and well-being of thousands of detainees. The misery and death will continue. Unfortunately for us, this administration not only welcomes blood on its hands, but revels in it.

Filed Under: camp east montana, detention centers, dhs, el paso, ice, mass deportation, rights violations, trump administration

Court Blocks Republican Push To (Further) Dominate And Destroy Local Broadcast News

Legal Issues

from the 24/7-agitprop dept

Last month FCC boss Brendan Carr illegally ignored remaining U.S. media consolidation laws to rubber stamp Nexstar’s $6.2 billion purchase of Tegna. It’s part of the generational Republican quest to steadily consolidate media, then replace whatever journalism remains with a soggy mish mash of lazy infotainment and right wing propaganda (see: Sinclair Broadcasting).

But there’s trouble in paradise: a judge issued a temporary restraining order blocking the merger from proceeding. For now.

“Defendants must immediately cease all ongoing actions relating to integration and consolidation of Nexstar and Tegna,” wrote Troy Nunley, the chief judge in US District Court for the Eastern District of California.

The savior in this case is curiously DirecTV, not-long-ago spun off from its own disastrous union with AT&T. DirecTV filed suit saying that the consolidation in local broadcast TV will erode what’s left of competition in the local broadcast TV sector, harming product quality, opinion diversity, and labor, while resulting in higher overall prices (for everyone) in exchange for even worse product.

From the restraining order:

“Nexstar admits the merger will greatly increase its already huge “scale” and its “leverage,” i.e., the ability to force its TV distribution customers, including Plaintiff, to pay even
higher fees for local news, live sports, and other content they distribute to their subscribers.
Plaintiff alleges Nexstar will also shut down local newsrooms in dozens of markets, reducing the amount, variety, and quality of local broadcast news that Americans rely on for trusted
information about their communities. Plaintiff asserts those harms from reduced
competition are precisely what antitrust laws are designed to prevent.”

Nexstar was so certain the merger was a done deal, it had begun changing the physical signs and logos on many of the acquired stations it had begun integrating, something it’s since been forced to reverse. The company has also tried to insist it can’t comply with some of the Judge’s demands because some aspects of the early integration “can’t be undone.”

The deal would combine Nexstar’s stable of more than local 200 stations with Tegna’s 65 outlets in major markets nationwide, blowing past restrictions that no company can control more than 39 percent of households (the new combined company reaches 54.5 percent). In addition to the NexStar lawsuit, the companies are also being sued by a coalition of eight attorneys general and consumer groups.

Since Rupert Murdoch convinced Ronald Reagan to eliminate laws preventing one mogul from owning a paper and TV station in one market, Republican policies (and corporations) have pushed relentlessly to pursue the goal of a monolithic, highly consolidated media in exclusive service to the extraction class and corporate power. The result has been anything but subtle.

Media scholars have been warning about the perils of this for decades, but only recently, under the ham-fisted efforts of Trumpism, have people truly begun seeing the full outline of the threat. The media sector (like most U.S. sectors) desperately needs an antitrust renaissance; and if the federal government is no longer willing to engage in adult supervision, other parties will have to fill the void.

Filed Under: agitprop, antitrust, competition, consolidation, fcc, mergers, propaganda, republican, troy nunley, tv
Companies: nexstar, tegna

Court Dismisses Pepperdine’s Nonsense Trademark Suit Against Netflix Over ‘Running Point’

Trademark

from the rejected-at-the-rim dept

A little over a year ago, we wrote about a fairly silly lawsuit filed against Netflix (and Warner Bros.) by Pepperdine University in California for trademark infringement. At issue is the Netflix show Running Point, which is a fictionalized story of a female executive thrust into ownership of a professional basketball team, inspired by the Lakers’ Jeannie Buss, who is also an Executive Producer on the show. The show’s fictional team, which is supposed to be a reference to the NBA’s Los Angeles Lakers, is called “The Waves”. Pepperdine’s sports teams are also called “The Waves”, which the school claimed made all of this trademark infringement.

They were wrong about that, as we said in the previous post. Creative works are given wide latitude in trademark law, specifically in that the Rogers test typically applies. Even in the aftermath of the Supreme Court’s terrible ruling on parody in the case of the Bad Spaniels and Jack Daniels lawsuit, this was always a situation in which the Rogers test would definitely apply. Specifically, SCOTUS’ decision that Rogers doesn’t apply when the offending trademark is used as a source identifier, because we’re talking about a fictional team used in a wider work of fiction, meaning the use isn’t an identifier or any source.

Netflix and Warner petitioned for dismissal for those very reasons and the now the court has agreed and the suit has been dismissed.

U.S. District Judge Cynthia Valenzuela said ‌on Tuesday , opens new tab that the fictional Los Angeles Waves basketball team in “Running Point” did not violate the Malibu, California, school’s rights because the show did not use the “Waves” name and ​logo as trademarks.

The ruling goes into much more detail, of course. It very specifically examines whether the Rogers test applies, deciding it does based on the usage. For example:

Here, Plaintiff fails to allege that the Waves mark was used by Defendants to exploit the success of Plaintiff’s sports teams or to create an association between the Running Point series and Pepperdine’s teams. Rather, at most, the FAC shows that the Waves mark is “immediately recognized” to identify the Running Point series, and that its use is synonymous with the series. These allegations, which Plaintiff concludes show that the Waves mark is used to “identify the show” are still not sufficient to show that the Waves mark was used as a designation of source for the series. Plaintiff’s repeated use of the words “identify” and “source-identification” do not actually show how the Waves mark was used to identify the source of the series. Rather, here, Defendants clearly claim to be the source of the series.

Finally, the Court is not persuaded by Plaintiff’s arguments regarding the marketing of the show or Defendants’ behavior in similar uses. Although Plaintiff alleges that Defendants’ used the Waves mark in marketing the Running Point series, this does not alter the Court’s above analysis that the Waves mark is not used to identify the source of the series. And the fact that Defendants have obtained trademarks in fictional businesses central to their shows in the past again does not show that Defendants have used the Waves mark to identify the source of Running Point here.

The ruling goes on to note that if Rogers applies, the Lanham Act does not. With source identifying out of the equation, the only remaining question is if the use in this case is artistically relevant. As the fictional team the main character owns, the name of that team is obviously artistically relevant.

Pepperdine has been given leave to amend its complaint into something that is actually legally sound, but I’m struggling to understand what that would even be. In lieu of an amended complaint, it seems that some creative works are still protected some of the time from nonsense trademark infringement claims, even in a post Bad Spaniels world.

Filed Under: lanham act, likelihood of confusion, running point, trademark
Companies: netflix, pepperdine

A Baseless Copyright Claim Against A Web Host — And Why It Failed

Copyright

from the damn-copyright-trolls dept

Copyright law is supposed to encourage creativity. Too often, it’s used to extract payouts from others.

Higbee & Associates, a law firm known for sending copyright demand letters to website owners, targeted May First Movement Technology, accusing it of infringing a photograph owned by Agence France-Presse (AFP). The claim was baseless. May First didn’t post the photo. It didn’t even own the website where the photo appeared.

May First is a nonprofit membership organization that provides web hosting and technical infrastructure to social justice groups around the world. The allegedly infringing image was posted years ago by one of May First’s members, a human rights group based in Mexico. When May First learned about the copyright complaint, it ensured that the group removed the image.

That should have been the end of it. Instead, the firm demanded payment.

So EFF stepped in as May First’s counsel and explained why AFP and Higbee had no valid claim. After receiving our response, Higbee backed down.

This outcome is a reminder that targets of copyright demands often have strong defenses—especially when someone else posted the material.

Hosting Content Isn’t the Same as Publishing It

Copyright law treats those who create or control content differently from those who simply provide the tools or infrastructure for others to communicate.

In this case, May First provided hosting services but didn’t post the photo. Courts have long recognized that service providers aren’t direct infringers when they merely store material at the direction of users. In those cases, service providers lack “volitional conduct”—the intentional act of copying or distributing the work.

Copyright law also recognizes that intermediaries can’t realistically police everything users upload. That’s why legal protections like the Digital Millennium Copyright Act safe harbors exist. Even outside those safe harbors, courts still shield service providers from liability when they promptly respond to notices.

May First did exactly what the law expects: it notified its member, and the image came down.

A Claim That Should Have Been Withdrawn Much Sooner

The troubling part of this story isn’t just that a demand was sent. It’s that Higbee and AFP continued to demand money and threaten litigation after May First explained that it was merely a hosting provider and had the image removed.

In other words, the claim was built on shaky legal ground from the start. Once May First explained its role, Higbee should have withdrawn its demand. Individuals and small nonprofits shouldn’t need lawyers just to stop aggressive copyright shakedowns.

Statutory Damages Fuel Copyright Abuse

This isn’t an isolated case—it’s a predictable result of copyright law’s statutory damages regime.

Statutory damages can reach $150,000 per work, regardless of actual harm. That enormous leverage incentivizes firms like Higbee to send mass demand letters seeking quick settlements. Even meritless claims can generate revenue when recipients are too afraid, confused, or resource-constrained to fight back.

This hits community organizations, independent publishers, and small service providers that don’t have in-house legal teams especially hard. Faced with the threat of ruinous statutory damages, many just pay what is demanded.

That’s not how copyright law should work.

Know Your Rights

If you receive a copyright demand based on material someone else posted, don’t assume you’re liable.

You may have defenses based on:

• Your role as a hosting or service provider
• Lack of volitional conduct
• Prompt removal of the material after notice
• The statute of limitations
• The copyright owner’s failure to timely register the work
• The absence of actual damages

Every situation is different, but the key point is this: a demand letter is not the same as a valid legal claim.

Standing Up to Copyright Trolls

May First stood its ground, and Higbee abandoned its demand after we explained the law.

But the bigger problem remains. Copyright’s statutory damages framework enables aggressive enforcement tactics that targets the wrong parties, and chills lawful online activity.

Until lawmakers fix these structural incentives, organizations and individuals will keep facing pressure to pay up—even when they’ve done nothing wrong.

If you get one of these demand letters, remember: you may have more rights than it suggests.

• EFF Letter to Higbee and Associates, March 4, 2026

Republished from EFF’s Deeplinks blog.

Filed Under: copyright, copyright trolls, dmca, hosting, mathew higbee
Companies: afp, higbee & associates

Someone Filed a Bogus DMCA Notice to Kill a Story About A Sketchy SEO Firm. It Worked — Briefly.

Copyright

from the gee-who-could-have-the-incentive-to-do-that? dept

We’ve talked for years about how the DMCA’s notice-and-takedown system is ripe for abuse. The legal structure of the law practically begs for such abuse: send a notice, content disappears, and the target has to fight through a slow counter-notice process to maybe get it back. The system rewards speed of takedowns over accuracy because the burden of getting it wrong really only works one way. Sites have incentive to take content down first and ask questions later to avoid facing expensive liability. Getting it wrong may frustrate those whose content has disappeared, but there’s basically no legal cost to the platform. But if they get something wrong and leave infringing content up, they could face a very expensive legal bill. Which means anyone with something to hide and no particular attachment to honesty has a ready-made censorship tool at their disposal.

And while Google is rare in that it is much more aggressive in rejecting DMCA notices than most other sites, that doesn’t mean that it’s perfect.

Last week, Press Gazette published an investigation into Clickout Media, a UK-based company that has been buying up respected online news outlets, gutting their newsrooms, replacing human journalists with AI-generated writers (complete with AI-generated profile photos), and stuffing the sites full of affiliate links to offshore gambling operations. The whole game is to exploit the acquired sites’ reputations and search rankings — what’s known as “parasite SEO” — to drive gambling traffic through what look like legitimate publications. It’s a really excellent piece of reporting about a practice that is gutting digital news brands. Just a quick snippet, though it’s worth reading the whole thing:

Speaking anonymously, one former Clickout Media employee said: “I was moved from site to site. Writing guidelines and strategies changed every other week with very little explanation. At first, I didn’t write casino content, but then I wrote articles on bets and odds. Then AI articles started appearing.”

The owners of one site bought by UK-based Clickout Media said they were approached by anonymous buyers in the first instance.

The organisation has previously bought multiple sites in football and women’s sports (Football Blog, She Kicks, Sportslens, Sportslens UK, Sportscasting UK, Football Blog UK), as well as gambling sites, including Gambling Insider, for which it is suggested Clickout Media paid at least £12m.

However, within days of being published, the exposé disappeared from Google’s search results, removed after a DMCA copyright complaint.

A search of the exact Press Gazette headline: “The SEO parasites buying, exploiting and ultimately killing online newsbrands” does not bring the article up.

A note at the bottom of the Google search results page reveals for this query states: “In response to multiple complaints that we received under the US Digital Millennium Copyright Act, we have removed 2 results from this page. If you wish, you may read the DMCA complaints that caused the removals at LumenDatabase.org: Complaint, Complaint.”

A follow-up article by Search Engine Land covering the same topic was also removed (that’s the second “complaint” link above). So whoever was behind this was being thorough.

Now, Press Gazette doesn’t definitively identify who filed the takedown notice, and we should be careful here too. The complaint was filed anonymously from “US Hub” which gives us little info but which Press Gazette notes “suggests the complaint originated outside the US.” You can connect the dots yourself on who has a reason to make an investigative exposé of Clickout Media vanish from search results, but we can’t say for certain.

What we can say for certain is that the takedown notice itself is laughably, almost impressively, bogus. You can read it yourself over at the Lumen Database. The complaint claims Press Gazette’s entirely original investigation infringes on an unrelated article published by The Verge. That Verge article? It’s actually about Google cracking down on sketchy SEO practices, the likes of which Clickout Media seems to engage in. Which is, if nothing else, a spectacularly on-the-nose URL to attach to a fraudulent takedown of an article about sketchy SEO practices.

The language of the notice is quite something:

The infringing news website has blatantly and willfully violated copyright law by copying our entire content word for word, including all images, which are solely owned by our company. This includes the complete replication of our original written material, as published on our official website, along with the proprietary visuals accompanying it. Despite multiple good-faith efforts to resolve this matter amicably, the infringing party (hereinafter referred to as “Infringer”) continues to unlawfully publish and distribute our copyrighted content without permission. This is a direct and flagrant breach of our rights and a clear violation of Google’s copyright policies. We hereby demand the immediate removal of this infringing material from Google search results to protect our intellectual property.

None of that is true. Not one word. The Press Gazette article is original reporting. It has nothing to do with the Verge piece cited as the “original” work. There were no “multiple good-faith efforts to resolve this matter amicably,” because there was no infringement to resolve. The whole thing reads like someone fed a prompt into a chatbot asking it to write an angry-sounding but legally meaningless DMCA notice, and then pointed it at an article they wanted to disappear.

As the Press Gazette report on the bogus takedown notes, SEO experts found the whole thing bizarre, in part because Google is actually much better than most at sniffing out bullshit DMCA takedowns. But this one they missed.

Writing on X, SEO consultant Glenn Gabe said: “Surprised this was approved by Google…This is a BS DMCA takedown that doesn’t even make sense.”

Google processes an absolutely massive volume of takedown requests and rejects a good chunk of them. But this is the Impossibility Theorem in action: at that kind of scale, even a system that works well most of the time will let nonsense through sometimes. One bad notice that should have been caught in a ten-second review slips past, and suddenly a major piece of investigative journalism is invisible to anyone searching for it.

The good news is that, as of March 31, the Press Gazette article was reinstated in Google’s search results. The system worked, eventually. But that ‘eventually’ is doing a lot of heavy lifting. The article was invisible during what was probably the peak window of public interest in the story. Legal challenges to DMCA takedowns can take weeks or months to resolve, and the people who file these bogus notices know that. The copyright-enabled censorship just has to last long enough to blunt the impact.

For what it’s worth, the Press Gazette isn’t the only outlet digging into Clickout Media’s practices. Aftermath recently published its own extensive investigation based on eight months of reporting and interviews with more than two dozen current and former employees. That piece documents AI-generated author profiles, fake credentials (one supposed writer claimed an MA from Oxford in a program the university confirmed has never existed), writers being told never to publicly acknowledge any connection to Clickout Media, and a systematic strategy of acquiring beloved gaming publications only to fill them with crypto casino links.

Clickout Media is getting more and more negative attention, and Streisanding the Press Gazette story by having it removed from search will probably just attract more investigative reporters to the subject.

The company already has a pretty sketchy pattern: buy a respected publication, exploit its reputation, squeeze out whatever search ranking value you can, and discard the husk. And when someone publishes an article documenting what you’re doing, apparently get someone to file a bullshit copyright claim to make that article disappear too. It’s sketchy SEO all the way down.

This is why those of us who spend our time in the weeds of internet law won’t shut up about how legal liability systems are structured. The DMCA’s notice-and-takedown framework already gives bad actors a weapon to suppress speech. You don’t need a legitimate copyright claim. You don’t even need a coherent one. You just need to file the paperwork and wait for an automated system to do its thing.

And every time someone proposes weakening Section 230, or creating new obligations for platforms to proactively police third-party content, or imposing liability for hosting material that someone claims is harmful — they are, whether they realize it or not, proposing to hand bad actors this same kind of weapon in a dozen new calibers. The DMCA is the version of this we already have, and we can see plainly how it gets abused. We should be fixing the current system, and punishing the widespread abuses, rather than spreading that same broken incentive structure to every other area of online speech.

Bad actors will always exploit whatever legal lever is available to suppress content they don’t like. The question for policymakers is whether you’re going to keep handing them more levers. These kinds of bogus DMCA takedowns should be a warning for all those demanding reforms “weakening” Section 230. Because if you think bogus DMCA takedowns are bad now, just wait until they’re not just about copyright.

Filed Under: copyright, dmca, dmca takedown, parasite, search, seo, spam
Companies: clickout media, google, press gazette

Daily Deal: The 2026 Canva Bundle

Deals

from the good-deals-on-cool-stuff dept

The 2026 Canva Bundle has six courses to help you learn about graphic design. From logo design to business cards to branding to bulk content creation, these courses have you covered. It’s on sale for $20.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Filed Under: daily deal

The World Is Yours

Say That Again

from the they-can't-kill-us-all dept

Forgive me for this digression. I know it’s usually left to Mike Masnick to lift us up from our collective doldrums when things seem even more hopeless than they did last year. His New Year’s posts are never wrong. There are always silver linings, even if the filigree is more difficult to detect with each passing year.

This isn’t about Mike or silver linings or the as of yet unfulfilled promise of the New Year. This is a post written by a die hard defeatist and cynic who generally views each passing moment with increasing levels of defeatism.

But I’m wrong. Mike is actually right, even if my spirits often pretend they’re anchored to the ground like so many pre-oh-the-humanity German-built dirigibles.

I will tell you why I’m wrong. And it’s embarrassing. I have plenty to say about lots of stuff but I rarely convert my words into action. Recently, however, I did. And it has made all the difference.

At the request of my oldest kid, we attended the recent “No Kings” rally in Sioux Falls. I was clad in my finest Da Share Zone anti-ICE gear:

He was wearing my protest alternate, a Black Sabbath-inspired bit of rhetoric sure to piss off white Christian nationalists:

Suitably suited, we headed to the protest with a friend of mine and his wife.

Long story short, it was life-affirming. It was exactly what anyone who feels they are losing hope needs. I feel I’m pretty good with word stuff, but I think Will Bunch absolutely nailed it in his post-No Kings column for the Philadelphia Inquirer. Quoting Marlon Brando’s mantra in The Wild One (“What are you rebelling against? Whaddya got?”), Bunch moves on to quote real people engaged in protests against something both nebulous and evil… and finding solace in being around people just like them.

“You feel less isolated when you see everybody here, and then they feel less isolated,” Nancy Harris, a 62-year-old retired mental-health crisis counselor from Prospect Park, told me over the steady car honks from supportive motorists. “And I think it just motivates people in general…just putting good vibes out into the universe.”

There’s more. Here’s a 75-year-old protester who not only knows what’s at stake, but knows why you should never give up:

“I’ve been going up against the establishment my whole life,” said [John] Coia, speaking for a generation that grew up exercising its all-American right of free speech and, now in old age, is determined to keep using it while they still can. I asked him what was the last straw with Trump that convinced him to join “No Kings.”

“There is no last straw,” he said over the car honks. “It just keeps going. There’s a new straw every day.”

Both of these things can be true.

You can find hope in being with people who share your beliefs. You can also feel the fight is never-ending because the current administration just won’t stop being abjectly evil.

But the first thing is what matters: the government may never stop being evil, no matter who’s currently sitting behind the Resolute Desk. And people who want the government to serve the people and be less evil will always exist. The ebb and flow of these constants may shift the prevailing narrative, but it can’t undermine the actual truth — something Mike highlighted in a recent post about the horrors perpetrated by the administration in Minneapolis, Minnesota.

Here’s the quote from the Atlantic’s Adam Serwer that Mike highlighted in a long, must-read post that pointed out everything that’s right about America, even when everything seems to be going wrong:

The secret fear of the morally depraved is that virtue is actually common, and that they’re the ones who are alone.

This is where we come together. Until recently, I believed that “coming together” was just a meeting of the minds. But that’s just preaching to the converted, which doesn’t really do much, even if my “converted” are objectively better people than the MAGA “converted.”

What really matters is that people are resisting in increasingly large numbers. We often consider the word “community” to be a cliche because that’s how the government uses it (for example, “Intelligence Community”). We view it with the same (healthy!) suspicion as we would statements delivered by company officials claiming they treat employees like “family.”

It never means anything until you’ve actually experienced (firsthand) a good one. “Family” isn’t a compliment if yours sucks. The same can be said for any “community.”

Unlike families, you can choose your community. You don’t have to align yourselves with empty mouths spewing even emptier platitudes. You just need to go out and see for yourself. Sure, I’m my own anecdata in this post. But trust me, if things feel hopeless, all you really need is the company of people who do this day in and day out, despite the table being stacked against them.

I’m sure many (if not nearly all) of you have already had this experience. My greatest regret is that I put it off for so long. No one who truly believes in the cause will care one way or another about your day-to-day devotion. They’ll welcome you and stand beside you. Participation can be its own reward. And you’ll leave feeling more inspired to be the change we need in this world.

I just wish I had done this sooner. The world is ours. Let’s go take it.

Filed Under: corruption, evil, no kings, trump administration