From 2a114c094ddf7245b3b04a6c8e43f0c3561841a7 Mon Sep 17 00:00:00 2001 From: dmca-sync-bot Date: Tue, 17 Sep 2024 20:41:39 +0000 Subject: [PATCH] Process DMCA request --- 2024/09/2024-09-16-nss.md | 116 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 116 insertions(+) create mode 100644 2024/09/2024-09-16-nss.md diff --git a/2024/09/2024-09-16-nss.md b/2024/09/2024-09-16-nss.md new file mode 100644 index 000000000..89c9639d2 --- /dev/null +++ b/2024/09/2024-09-16-nss.md @@ -0,0 +1,116 @@ +Before disabling any content in relation to this takedown notice, GitHub +- contacted the owners of some or all of the affected repositories to give them an opportunity to [make changes](https://docs.github.com/en/github/site-policy/dmca-takedown-policy#a-how-does-this-actually-work). +- provided information on how to [submit a DMCA Counter Notice](https://docs.github.com/en/articles/guide-to-submitting-a-dmca-counter-notice). + +To learn about when and why GitHub may process some notices this way, please visit our [README](https://github.com/github/dmca/blob/master/README.md#anatomy-of-a-takedown-notice). + +--- + +Dear GitHub + +**DMCA Take Down Notice** + +1. We “Claranet” act for NotSoSecure Global Services Limited (“NSS”), NSS is a Claranet +group company. We write in relation to a course on GitHub that is infringing +Claranet’s and NSS copyright as set out below. Please take this letter as a formal +complaint and request to remove/take down the offending content set out below. + +2. We have read and understand GitHub's Guide to Filing a DMCA Notice. + +3. By way of background NSS created the content for a course they run called the +“Hacking and Securing cloud” course. For more information, please refer the below +link: https://notsosecure.com/security-training/hacking-and-securing-cloudinfrastructure + +4. This course was delivered by NSS, part of the Claranet group of companies. This +course is proprietary material and is for access by paying students and run virtually. +The course was not freely open to the public and is protected. Attendees had to pay +a fee to attend and in order to access such materials. Attendees were not authorised +to make any recording or copies of the course, nor to publicly distribute the +accompanying materials. The materials were shared with the attendees for their use +only in completion of the course. + +5. This course consisted of; the presentation/slide show, the notes for the +presenter/trainer, the answers to the course exam and the accompanying materials +for the students. Each of these individually and as a collection is a literary work +pursuant to s.3(1) of the Copyright, Designs and Patents Act 1988 (“CDPA”). + +6. It has since transpired that one attendee recorded and took a copy of the course and +materials, without the consent of Claranet or NSS and has shared the course and +provided student materials from the course on GitHub. The content found at the +following link (“GitHub Link”): +https://github.com/bobdolectf/pasta/blob/bf0474581d6bf216e76d91a9fae1ac31d397038a/nss.cloud.hacking + +7. The entire content posted at the GitHub Link above is in breach of the terms of use +and terms for the course, as well as the CDPA. + +8. Under s.11 CDPA Claranet and NSS are the owners of the copyright within each +recording and literary copies of the course and the individual accompanying content. +It is also the owner of the copyright within the collection all of these as a whole. + +9. All content created for the course is marked with a copyright notice. An example of +this is shown below. There is also a copyright notice on the portal attendees sign into +to obtain the accompanying material for the course and on any supplementary +documentation distributed as part of the course. + +10. The course content has been shared on and is publicly available on GitHub via the +student’s handle on GitHub, found in the student’s “Files” and “Web” folder, file +name “nss.cloud.hacking” and this complaint is therefore within the scope of your +copyright complaints process. The content has been shared, as shown in the +screenshots below: + +[private] + +11. NSS has already submitted a notice through GitHub’s DMCA process, a copy of which +is attached to this letter. The GitHub Trust & Safety team has requested clarifications +summarised below: + +(a) Is this a student’s own work? Please see image above which highlights NSS’ +content and the same content as copy on the student's GitHub file. The content +uploaded to GitHub in the file, is a copy of NSS’ course proprietary content. It is +not the student’s own work. + +(b) Suggestion that NSS contact the student directly: NSS and Claranet have +attempted to make contact with the student, but they only have the student’s [private] handle: [private]. Contact has not been +successful. + +(c) Bring this infringement to the trainers attention and provide guidance to +students: The representative of NSS that submitted the recent DMCA application +to GitHub is the course trainer and already provides such guidance notice to +students. + +(d) Please provide evidence that NSS/Claranet owns the copyright to the course and +content and is protected under copyright: This notice and complaint including its’ +content and supporting evidence clearly proves copyright and ownership by NSS +and Claranet. + +12. NSS/Claranet’s copyright is being blatantly infringed by the sharing of the content +without the consent, licence or authorisation of Claranet. This unauthorised sharing +amounts to infringement under s. 17(1) and (2), s.18(1) and s.20(1) CDPA. + +13. In light of the above, we ask that you immediately remove/suspend/permanently +block the channel/source identified above and remove and disable all files and +shared links from those channels. + +14. We await your response as a matter of urgency. In the meantime, rights are +expressly reserved. + +I swear, under penalty of perjury, that the information in this notification is accurate and +that I am the copyright owner, or am authorized to act on behalf of the owner, of an +exclusive right that is allegedly infringed. + +I have a good faith belief that use of the copyrighted materials described above on the +infringing web pages is not authorised by the copyright owner, or its agent, or the law. + +I have taken fair use into consideration. + +Yours faithfully + +[private] + +[private] +[private] +Claranet Ltd +On behalf of NotSoSecure Global Services Limited + +Email: [private] +Tel: [private]