GitHub Reports On DMCA Takedowns
Written by Janet Swift   
Thursday, 07 July 2016

GitHub has published its 2015 Transparency Report to provide the community with information about the legal requests it dealt with in the past year.


The report covers two types of legal requests that GitHub receives:

  1. Requests to disclose user information, including Subpoenas, Court Orders, and Search Warrants and National Security Orders 

  2. Requests to remove or block user content including Government Takedown requests and DMCA Takedown Notices

This is the second time Github has produced statistics of this kind and so the report includes comparisons between 2014 and 2015. 

During 2015 the only type of request for user data was subpoenas, a total of 12 subpoenas, a similar number to 2014 when GitHub received10 such requests.

The following chart shows the Types of Subpoenas, notice that 8.3% corresponds to a single request: 



Information was disclosed in 83.3% of cases (i.e. 10 of the 12) but affected users were only provided notice in 30% (i.e. 3) of the 10 cases where a disclosure was made. This was due to the fact that the other 7  were subject to "gag orders", up from 4 in 2014.

GitHub also complied with an unspecified number of National Security Orders between 0 and 249, but the gag orders for these means that not only can it not report on the specifics of these case, it cannot even register the existence of such requests and can only provide information in very vague terms - hence the obfuscating statistic!

When it comes to takedown requests those from governments are rare. Requests from foreign governments only started in 2014, when there were three, all from Russia. In 2015 one such notice was received. Details are in GitHub's government takedowns repository.

In contrast there was a significant increase in the number of takedown requests submitted under the Digital Millennium Copyright Act (DMCA). The legislation outlines a process by which which a copyright holder can request GitHub to take down content the holder believes is infringing. The user who posted the content can respond by send a counter notice disputing the claim. GitHub posts details (with any personal information redacted) on its public DMCA repository which has entries since 2011, when they were posted in a much more flippant way with titles like "Sony at it once more". Nowadays the title is generally Process DMCA request but the filename gives information of the company from which the request originates, although third party agents are often used to make the request. 

In 2015 GitHub received almost double the number of DMCA takedown notices that in 2014, 505 compared to 258. It received 62 counter notices or retractions in 2015, compared to only 17 in 2014.


The monthly incidence of the two types of notices during 2015 is shown in this graph:



What matters most is the statistics about the number of projects affected by DMCA takedown requests. The report states:

Often, a single takedown notice can encompass more than one project. We wanted to look at the total number of projects, such as repositories, Gists, and Pages sites, that we had taken down due to DMCA takedown requests in 2015. By month, the projects we took down, and the projects that remained down after we processed retractions and counter notices, looks like this:




GitHub changed to way it processed DMCA takedown requests for forked repositories late in 2014 so no year by year comparison is available, but the September spike in this chart led to further analysis. The report explains:

Usually, the DMCA reports we receive are from people or organizations reporting a single potentially infringing repository. However, every now and then we receive a single notice asking us to take down many repositories. We classified “Mass Removals” as any takedown notice asking us to remove content from more than one hundred repositories, counting each fork separately, in a single takedown notice.

Once mass removals are excluded the chart looks very different:


Mass removals, which affect more than 100 repositories account for over three quarters of the takedown requests.  

Another analysis looks at where the requests come from. In the following chart a "Frequent Noticer" is defined as a notice sender who sends more than four takedown notices during the course of a year, with one of this group sending in multiple mass removals: 


Commenting on this chart the report states:

Looking at our takedown notices over the year in this light gives us a lot of information. For example, while 83% of our 505 DMCA takedown notices came in from individuals and organizations sending requests to take down small numbers of repositories, the remaining 17% of notices accounted for the overwhelming majority of the content we actually removed. In all, fewer than twenty individual notice senders requested removal of over 90% of the content GitHub took down in 2015.


More Information

GitHub's 2015 Transparency Report

Related Articles

The DMCA, Programmers And VWGate 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, FacebookGoogle+ or Linkedin.



Apache Releases NetBeans 22

Apache NetBeans 22 has been released. This release has a new Gradle Wizard, upgrades to Java 22 javac, and a number of UI changes.

OpenSilver 3 Adds AI-Powered UI Designer

OpenSilver 3 has been released with an AI-powered UI designer and support for VS Code. The open-source alternative to Silverlight is capable of running large, complex legacy applications, as well as n [ ... ]

More News


kotlin book



or email your comment to:

Last Updated ( Thursday, 07 July 2016 )