Digital Millennium Copyright Act

The Digital Millennium Copyright Act (DMCA) is a 1998 United States copyright law that implements two 1996 treaties of the World Intellectual Property Organization (WIPO). It criminalizes production and dissemination of technology, devices, or services intended to circumvent measures that control access to copyrighted works (commonly known as digital rights management or DRM). It also criminalizes the act of circumventing an access control, whether or not there is actual infringement of copyright itself. In addition, the DMCA heightens the penalties for copyright infringement on the Internet. Passed on October 12, 1998, by a unanimous vote in the United States Senate and signed into law by President Bill Clinton on October 28, 1998, the DMCA amended Title 17 of the United States Code to extend the reach of copyright, while limiting the liability of the providers of online services for copyright infringement by their users.

The DMCA's principal innovation in the field of copyright is the exemption from direct and indirect liability of Internet service providers and other intermediaries. This exemption was adopted by the European Union in the Electronic Commerce Directive 2000. The Information Society Directive 2001 implemented the 1996 WIPO Copyright Treaty in the EU.

Background and legislative history
The Digital Millennium Copyright Act (DMCA) had its basis as part of the United States' commitment to comply with two treaties passed by the World Intellectual Property Organization (WIPO) in December 1996 that dealt with the nature of copyright with modern information systems such as the Internet. The WIPO Copyright Treaty identified numerous electronic works as eligible for copyright protection, and stated that circumvention of technological measures used to secure electronic works was to be prohibited. The WIPO Performances and Phonograms Treaty worked to normalize the copyright protections for performed works as uniformly for member states as possible.

The process of ratifying the treaties for the United States was the first major piece of copyright-related legislation since the Copyright Act of 1976, and led to numerous interested groups to express concerns for how the treaties should be implemented, including content producers and distributors, technology manufacturers, online service providers, researchers and academics, and consumer groups. Some groups urged for stronger copyright enforcement while others sought more relaxing of rules. As the bill was being formed in the Commerce Committee in the House of Representatives, the committee recognized that the final bill would be far more encompassing than just copyright reform but would be establishing key principles in the digital commerce marketplace.

In evaluating the enforcement of the WIPO Copyright Treaty with its anti-circumvention provisions with U.S. copyright law, lawmakers recognized that traditionally copyright law did not generally account for the medium of the work, as it was generally impossible to make an exact copy of an analog work previously, and current law was only concerned with unlawful acts of copyright violations. Since digital technology could allow for infinite numbers of exact copies of works to be made, the lawmakers agreed they had to extend copyright to include limits on devices and services which could be used for circumvention in addition to acts of circumvention. In establishing this, the lawmakers also recognized this would have a negative impact on fair use without exceptions, with electronic works potentially falling into the public domain but still locked beyond circumvention measures, but they also needed to balance the rights of copyright holders. The DMCA as passed contained some basic fair use allowance such as for limited reverse engineering and for security research. Lawmakers opted to create a rulemaking mechanism through the United States Copyright Office to review the state of copyrights and fair use to make limited classes of allowance for fair use which would be considered lawful means of using circumvention technology.

Title I: WIPO Copyright and Performances and Phonograms Treaties Implementation Act
DMCA Title I, the WIPO Copyright and Performances and Phonograms Treaties Implementation Act, amends U.S. copyright law to comply with the WIPO Copyright Treaty and the WIPO Performances and Phonograms Treaty, adopted at the WIPO Diplomatic Conference in December 1996. The treaties have two major portions. One portion includes works covered by several treaties in U.S. copy prevention laws and gave the title its name. For further analysis of this portion of the Act and of cases under it, see WIPO Copyright and Performances and Phonograms Treaties Implementation Act.

The second portion (17 U.S.C. 1201) is often known as the DMCA anti-circumvention provisions. These provisions changed the remedies for the circumvention of copy-prevention systems (also called "technical protection measures"). The section contains a number of specific limitations and exemptions, for such things as government research and reverse engineering in specified situations. Although section 1201(c) of the title stated that the section does not change the underlying substantive copyright infringement rights, remedies, or defenses, it did not make those defenses available in circumvention actions. The section does not include a fair use exemption from criminality nor a scienter requirement, so criminal liability could attach to even unintended circumvention for legitimate purposes.

Title II: Online Copyright Infringement Liability Limitation Act
DMCA Title II, the Online Copyright Infringement Liability Limitation Act ("OCILLA"), creates a safe harbor for online service providers (OSPs, including ISPs) against copyright infringement liability, provided they meet specific requirements. OSPs must adhere to and qualify for certain prescribed safe harbor guidelines and promptly block access to alleged infringing material (or remove such material from their systems) when they receive notification of an infringement claim from a copyright holder or the copyright holder's agent (a "notice and takedown" process). OCILLA also includes a counternotification provision that offers OSPs a safe harbor from liability to their users when users claim that the material in question is not, in fact, infringing. OCILLA also facilitates issuing of subpoenas against OSPs to provide their users' identity.

Title III: Computer Maintenance Competition Assurance Act
DMCA Title III modified section 117 of the copyright title so that those repairing computers could make certain temporary, limited copies while working on a computer. It reversed the precedent set in MAI Systems Corp. v. Peak Computer, Inc., 991 F.2d 511 (9th Cor. 1993).

Title IV: Miscellaneous Provisions
DMCA Title IV contains an assortment of provisions:
 * Clarified and added to the duties of the Copyright Office.
 * Added ephemeral copy for broadcasters provisions, including certain statutory licenses.
 * Added provisions to facilitate distance education.
 * Added provisions to assist libraries with keeping phonorecords of sound recordings.
 * Added provisions relating to collective bargaining and the transfer of movie rights.

Title V: Vessel Hull Design Protection Act
DMCA Title V added sections 1301 through 1332 to add a sui generis protection for boat hull designs. Boat hull designs were not considered covered under copyright law because boats are useful articles whose form cannot be separated from their function as determined by the Supreme Court case Bonito Boats, Inc. v. Thunder Craft Boats, Inc..

Anti-circumvention exemptions
In addition to the safe harbors and exemptions the statute explicitly provides, 17 U.S.C. 1201(a)(1) requires that the Librarian of Congress issue exemptions from the prohibition against circumvention of access-control technology. Exemptions are granted when it is shown that access-control technology has had a substantial adverse effect on the ability of people to make non-infringing uses of copyrighted works.

The exemption rules are revised every three years. Exemption proposals are submitted by the public to the Registrar of Copyrights, and after a process of hearings and public comments, the final rule is recommended by the Registrar and issued by the Librarian. Exemptions expire after three years and must be resubmitted for the next rulemaking cycle.

Previous exemptions
The Copyright Office approved two exemptions in 2000, four in 2003, six each in 2006 and 2010, five in 2012, and nine in 2015.

In 2000, the first rulemaking, the Office exempted:
 * 2000 rulemaking
 * "Compilations consisting of lists of websites blocked by filtering software applications" (renewed in 2003 but not renewed in 2006); and
 * "Literary works, including computer programs and databases, protected by access control mechanisms that fail to permit access because of malfunction, damage, or obsoleteness." (revised and limited in 2003 and again in 2006).

In 2003, the Office made the following rules:
 * 2003 rulemaking
 * The 2000 filtering exemption was revised and renewed.
 * The 2000 "literary works including computer programs" exemption was limited to "Computer programs protected by dongles that prevent access due to malfunction or damage and which are obsolete" and this exemption was renewed in both 2006 and 2010.
 * A new exemption was implemented for electronic books for which technological protection measures prevented the use of read-aloud software or screen readers. This exemption was renewed in 2006, 2010, 2012, and 2015.
 * A new exemption was made for "Computer programs and video games distributed in formats that have become obsolete and which require the original media or hardware as a condition of access." This exemption was renewed in 2006 but not in 2010.

In 2006, the Office made the following rules:
 * 2006 rulemaking
 * The 2003 exemption on obsolete computer programs and video games was renewed.
 * The 2003 exemption on computer programs protected by dongles was renewed.
 * The 2003 exemption on electronic books was renewed.
 * A new exemption was made for sound recordings allowed after security flaws were found in a copy protection system on some Sony CDs; this was not renewed in 2010.
 * A new exemption was implemented covering the audiovisual works included in the educational library of a college or university's film or media studies department; this was not renewed in 2010.
 * A new exemption was implemented allowing circumvention to allow wireless telephone handsets to connect to wireless networks. This exemption was revised in 2010 to specify used handsets and require authorization from the wireless network operator. Another exemption for wireless handsets was introduced in 2010 specific to interoperability software on the phone itself.

Rulemaking was scheduled to occur in 2009, but the final rule was not issued until the following year. The 2010 exemptions, issued in July 2010, are:
 * 2010 rulemaking
 * Motion pictures on DVDs that are lawfully made and acquired and that are protected by the Content Scrambling System when circumvention is accomplished solely in order to accomplish the incorporation of short portions of motion pictures into new works for the purpose of criticism or comment, and where the person engaging in circumvention believes and has reasonable grounds for believing that circumvention is necessary to fulfill the purpose of the use in the following instances:
 * Educational uses by college and university professors and by college and university film and media studies students;
 * Documentary filmmaking;
 * Obsolete software and video game formats.
 * Noncommercial videos. (A new exemption in 2010, similar to a previous educational exemption.)
 * Computer programs that enable wireless telephone handsets to execute software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications, when they have been lawfully obtained, with computer programs on the telephone handset. (A new exemption in 2010.)
 * Computer programs, in the form of firmware or software, that enable used wireless telephone handsets to connect to a wireless telecommunications network, when circumvention is initiated by the owner of the copy of the computer program solely in order to connect to a wireless telecommunications network and access to the network is authorized by the operator of the network. (Revised from a similar exemption approved in 2006.)
 * Video games accessible on personal computers and protected by technological protection measures that control access to lawfully obtained works, when circumvention is accomplished solely for the purpose of good faith testing for, investigating, or correcting security flaws or vulnerabilities, if:
 * The information derived from the security testing is used primarily to promote the security of the owner or operator of a computer, computer system, or computer network; and
 * The information derived from the security testing is used or maintained in a manner that does not facilitate copyright infringement or a violation of applicable law. (A new exemption in 2010.)
 * Computer programs protected by dongles that prevent access due to malfunction or damage and which are obsolete. A dongle shall be considered obsolete if it is no longer manufactured or if a replacement or repair is no longer reasonably available in the commercial marketplace. (A renewed exemption from 2006, based on a similar exemption approved in 2003.)
 * Literary works distributed in e-book format when all existing e-book editions of the work (including digital text editions made available by authorized entities) contain access controls that prevent the enabling either of the book's read-aloud function or of screen readers that render the text into a specialized format. (A renewed exemption from 2006, based on a similar exemption approved in 2003.)

The 2012 exemptions, issued in November 2012, are for:
 * 2012 rulemaking
 * Literary works, distributed electronically, that are protected by technological measures that either prevent the enabling of read-aloud functionality or interfere with screen readers or other applications or assistive technologies
 * Computer programs that enable smartphones and portable all-purpose mobile computing devices to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the smartphone or device or to permit removal of software from the smartphone or device
 * Computer programs that enable certain types of wireless devices to connect to a wireless telecommunications network, when circumvention is undertaken solely in order to connect to a wireless telecommunications network and such connection is authorized by the operator of such network
 * Motion pictures (including television shows and videos), as defined in 17 U.S.C. 101, where circumvention is undertaken solely in order to make use of short portions of the motion pictures for the purpose of criticism or comment in limited instances
 * Motion pictures and other audiovisual works on DVDs that are protected by the Content Scrambling System, or that are distributed by an online service and protected by technological measures that control access to such works, where circumvention is related to developing captioning and descriptive audio technologies

The 2015 exemptions, issued in October 2015, are for:
 * 2015 rulemaking
 * Motion pictures (including television shows and videos), as defined in 17 U.S.C. 101, where circumvention is undertaken solely in order to make use of short portions of the motion pictures for the purpose of criticism or comment in limited instances,
 * Literary works, distributed electronically, that are protected by technological measures that either prevent the enabling of read-aloud functionality or interfere with screen readers or other applications or assistive technologies,
 * Computer programs that enable the following types of wireless devices to connect to a wireless telecommunications network, when circumvention is undertaken solely in order to connect to a wireless telecommunications network and such connection is authorized by the operator of such network,
 * Computer programs that enable smartphones, tablets, and portable all-purpose mobile computing devices, and smart televisions to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the smartphone or device or to permit removal of software from the smartphone or device,
 * Computer programs that are contained in and control the functioning of a motorized land vehicle such as a personal automobile, commercial motor vehicle, or mechanized agricultural vehicle, except for computer programs primarily designed for the control of telematics or entertainment systems for such vehicle, when circumvention is a necessary step undertaken by the authorized owner of the vehicle to allow the diagnosis, repair or lawful modification of a vehicle function,
 * Computer programs, where the circumvention is undertaken on a lawfully acquired device or machine on which the computer program operates solely for the purpose of good-faith security research and does not violate any applicable law,
 * Video games in the form of computer programs embodied in physical or downloaded formats that have been lawfully acquired as complete games, when the copyright owner or its authorized representative has ceased to provide access to an external computer server necessary to facilitate an authentication process to enable local gameplay,
 * Computer programs that operate 3D printers that employ microchip-reliant technological measures to limit the use of feedstock, when circumvention is accomplished solely for the purpose of using alternative feedstock and not for the purpose of accessing design software, design files or proprietary data, and
 * Literary works consisting of compilations of data generated by medical devices that are wholly or partially implanted in the body or by their corresponding personal monitoring systems, where such circumvention is undertaken by a patient for the sole purpose of lawfully accessing the data generated by his or her own device or monitoring system.

The 2018 exemptions, issued in October 2018, are for:
 * 2018 rulemaking
 * Motion pictures (including television shows and videos), as defined in 17 U.S.C. 101, where circumvention is undertaken solely in order to make use of short portions of the motion pictures for the purpose of criticism or comment, for supervised educational purposes, or to accommodate for accessibility for disabled students in educational institutions;
 * Literary works, distributed electronically, that are protected by technological measures that either prevent the enabling of read-aloud functionality or interfere with screen readers or other applications or assistive technologies;
 * Literary works consisting of compilations of data generated by medical devices that are wholly or partially implanted in the body or by their corresponding personal monitoring systems, for the sole purpose of lawfully accessing the data on one's own device;
 * Computer programs that enable wireless devices to connect to a wireless telecommunications network when circumvention is undertaken solely in order to connect to a wireless telecommunications network and such connection is authorized by the operator of such network;
 * Computer programs that enable smartphones, tablets and portable all-purpose mobile computing devices, and smart televisions to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the smartphone or device or to permit removal of software from the smartphone or device;
 * Computer programs that enable smart televisions to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the smart television;
 * Computer programs that enable voice assistant devices to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the device;
 * Computer programs that are contained in and control the functioning of a motorized land vehicle such as a personal automobile, commercial motor vehicle, or mechanized agricultural vehicle, except for computer programs primarily designed for the control of telematics or entertainment systems for such vehicle, when circumvention is a necessary step undertaken by the authorized owner of the vehicle to allow the diagnosis, repair or lawful modification of a vehicle function;
 * Computer programs that are contained in and control the functioning of a lawfully acquired smartphone or home appliance or home system when circumvention is a necessary step to allow the diagnosis, maintenance, or repair of such a device or system;
 * Computer programs, where the circumvention is undertaken on a lawfully acquired device or machine on which the computer program operates solely for the purpose of good-faith security research and does not violate any applicable law,
 * Video games in the form of computer programs embodied in physical or downloaded formats that have been lawfully acquired as complete games, when the copyright owner or its authorized representative has ceased to provide access to an external computer server necessary to facilitate an authentication process to enable local gameplay;
 * Video games in the form of computer programs embodied in physical or downloaded formats that have been lawfully acquired as complete games, that do not require access to an external computer server for gameplay, and that are no longer reasonably available in the commercial marketplace, solely for the purpose of preservation of the game in a playable form by an eligible library, archives, or museum;
 * Computer programs used to operate video game consoles solely to the extent necessary for an eligible library, archives, or museum to engage in the preservation activities for the video game exceptions above;
 * Computer programs, except video games, that have been lawfully acquired and that are no longer reasonably available in the commercial marketplace, solely for the purpose of lawful preservation of a computer program, or of digital materials dependent upon a computer program as a condition of access, by an eligible library, archives, or museum; and
 * Computer programs that operate 3D printers that employ microchip-reliant technological measures to limit the use of feedstock, when circumvention is accomplished solely for the purpose of using alternative feedstock and not for the purpose of accessing design software, design files, or proprietary data.

The 2021 exemptions, issued in October 2021, are for:
 * 2021 rulemaking
 * Motion pictures (including television shows and videos), as defined in 17 U.S.C. 101, where circumvention is undertaken solely in order to make use of short portions of the motion pictures for the purpose of criticism or comment, for supervised educational purposes, to accommodate for accessibility for disabled students in educational institutions, for preservation of the motion picture by a library, archive, or museum, or for research purposes at educational institutions;
 * Literary works, distributed electronically, that are protected by technological measures that either prevent the enabling of read-aloud functionality or interfere with screen readers or other applications or assistive technologies, or for research purposes at educational institutions;
 * Literary works consisting of compilations of data generated by medical devices that are wholly or partially implanted in the body or by their corresponding personal monitoring systems, for the sole purpose of lawfully accessing the data on one's own device;
 * Computer programs that enable wireless devices to connect to a wireless telecommunications network when circumvention is undertaken solely in order to connect to a wireless telecommunications network and such connection is authorized by the operator of such network;
 * Computer programs that enable smartphones, tablets, and portable all-purpose mobile computing devices, and smart televisions to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the smartphone or device or to permit removal of software from the smartphone or device;
 * Computer programs that enable smart televisions to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the smart television;
 * Computer programs that enable voice assistant devices to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the device;
 * Computer programs that enable routers and dedicated network devices to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the router or dedicated network device, and is not accomplished for the purpose of gaining unauthorized access to other copyrighted works;
 * Computer programs that are contained in and control the functioning of a lawfully acquired motorized land vehicle or marine vessel such as a personal automobile or boat, commercial vehicle or vessel, or mechanized agricultural vehicle or vessel, except for programs accessed through a separate subscription service, when circumvention is a necessary step to allow the diagnosis, repair, or lawful modification of a vehicle or vessel function, where such circumvention is not accomplished for the purpose of gaining unauthorized access to other copyrighted works;
 * Computer programs that are contained in and control the functioning of a lawfully acquired device that is primarily designed for use by consumers, when circumvention is a necessary step to allow the diagnosis, maintenance, or repair of such a device, and is not accomplished for the purpose of gaining access to other copyrighted works;
 * Computer programs that are contained in and control the functioning of a lawfully acquired medical device or system, and related data files, when circumvention is a necessary step to allow the diagnosis, maintenance, or repair of such a device or system.
 * Computer programs, where the circumvention is undertaken on a lawfully acquired device or machine on which the computer program operates, or is undertaken on a computer, computer system, or computer network on which the computer program operates with the authorization of the owner or operator of such computer, computer system, or computer network, solely for the purpose of good-faith security research.
 * Video games in the form of computer programs embodied in physical or downloaded formats that have been lawfully acquired as complete games, when the copyright owner or its authorized representative has ceased to provide access to an external computer server necessary to facilitate an authentication process to enable local gameplay;
 * Computer programs, except video games, that have been lawfully acquired and that are no longer reasonably available in the commercial marketplace, solely for the purpose of lawful preservation of a computer program, or of digital materials dependent upon a computer program as a condition of access, by an eligible library, archives, or museum, where such activities are carried out without any purpose of direct or indirect commercial advantage.
 * Computer programs that operate 3D printers that employ technological measures to limit the use of material, when circumvention is accomplished solely for the purpose of using alternative material and not for the purpose of accessing design software, design files, or proprietary data;
 * Computer programs, solely for the purpose of investigating a potential infringement of free and open source computer programs;
 * Video games in the form of computer programs, embodied in lawfully acquired physical or downloaded formats, and operated on a general-purpose computer, where circumvention is undertaken solely for the purpose of allowing an individual with a physical disability to use software or hardware input methods other than a standard keyboard or mouse.

2015 Study
After much criticism (see below), on December 29, 2015, the Copyright Office initiated a study to assess the operation of section 1201 and the triennial rulemaking process. This is different from usual public comments on exemption proposals. It includes the role of the anti-trafficking provisions and permanent exemptions, and the requirements of the rulemaking itself. The Office has issued a Notice of Inquiry requesting public comment.

Several comments were posted by individuals and organizations. An individual recalls that the Copyright Clause has limitations. Association of American Publishers et al. hold there is no need to amend the statute or to significantly alter the rulemaking. They are happy with the protection they are being granted, including anti-trafficking provisions, and talk of placing the cart before the horse, when they argue about requiring a proof of the mindset that consumers would have when utilizing circumvention tools before actual acts of circumvention occur. In their opinion, the meaning of Section 1201 is to extend, not merely duplicate, copyright holder's rights. Society of American Archivists say they are not aware that the anti-trafficking provisions of section 1201(a)(2) and 1201(b) have had any impact in deterring copyright infringement. They do know, however, that the provisions have created an absurd, Catch-22 situation for any archives that sought to adhere to the letter of the law. iFixit also talks of Catch-22 on stressing that since it is up to proponents to show that an exemption is relevant, they need to show that there's overwhelming market demand if only it were legal. Rapid7 notice that DMCA adversely affects good faith security research by forbidding researchers from circumventing technological protection measures (TPMs) to analyze software for vulnerabilities. Cyberlaw Clinic at Harvard Law School points out that the rulemaking is a complicated, ad hoc, and unduly burdensome process. Professors Andrea M. Matwyshyn, Steven M. Bellovin, Matt Blaze, J. Alex Halderman, and Nadia Heninger, jointly advocated making the security research exemption granted in the 2015 Triennial Section 1201 Rulemaking permanent.

The Learning Disabilities Association of America (LDA) commented that circumventing DRM restrictions to meet accessibility needs deserves a permanent exception. Entertainment Software Association gives a vivid and detailed description of a flourishing market which is only possible because of DMCA. They are deeply concerned about people with disabilities, but that concern is already being taken care of by the copyright holders, so that no permanent exception is needed.

Comments have also been submitted by, among others, R Street Institute American Association of Law Libraries, Business Software Alliance, Alliance of Automobile Manufacturers, Association of American Universities et al., Copyright Alliance,  Association for Computing Machinery U.S. Public Policy Council, the Software and Information Industry Association,  DVD Copy Control Association ("DVD CCA") et al., Microsoft Corporation, Association for Competitive Technology, Public Knowledge,  American Automobile Association.

In June 2017, the Copyright Office published a report where it "shares the concern" that Section 1201 can affect activities unrelated to copyright infringement, but also expressed concerns over weakening "the right of copyright owners to exercise meaningful control over the terms of access to their works online", which they believe is "essential to the development of the digital marketplace for creative content". However, with respect to the question of whether the security research exemption granted in the 2015 Triennial cycle should be made permanent in some form, the Office recommended "that Congress consider expanding the reach of this exemption, easing the strict authorization requirement for researchers and restrictions on the use of information generated from the research, and abandoning or clarifying the multifactor test," stating that "it continues to believe that the exemption adopted in 2015 can be a useful starting point, and notes that most of the security researchers who petitioned for that exemption ... agree."

Anti-circumvention
The anti-circumvention provisions in Section 1201 of the DMCA have seen some challenges in the courts but which have generally been upheld. While initially the challenges were focused on clear applications to software-based access control products, some cases considered how the DMCA also extended to hardware-based access controls.

Software-based case law
Universal City Studios, Inc. v. Reimerdes/Universal City Studios, Inc. v. Corley – Eight movie studios had sued Eric Corley, Shawn Reimerdes, and Roman Kazan, editors of 2600: The Hacker Quarterly, for publishing the code of DeCSS, an algorithm designed to bypass the Content Scramble System (CSS) used to encrypt DVD content. The studios argued that the code was an anti-circumvention device as defined by the DMCA. While Reimerdes and Kazan entered into consent decrees and were subsequently dropped from the suit, Corley continued the case. He argued that DeCSS, as computer code, was protected as free speech, and the DMCA allowed users to make copies of media they legally owned. Both the District Court and the Second Circuit rejected Corley's arguments. While the court agreed that a computer program qualifies as protected speech, the distribution of anti-circumvention devices was not considered a fair use option by Section 1201, and thus DeCSS was not protected by First Amendment rights.

United States v. Elcom Ltd. – Moscow-based Elcom had developed software that was able to remove protections on an Adobe Acrobat PDF file, such as those used in ebook distribution. Adobe requested the U.S. Department of Justice take action against the company for violating the DMCA. Elcom argued in court that the DMCA was unconstitutionally vague and allowed for circumvention of use controls for purposes of fair use. The company also claimed that the act violated the First Amendment by placing too much burden on those seeking to use protected works for fair use. The initial ruling at the U.S. District Court for the Northern District of California rejected both arguments on the basis of Corley. The ruling established that the DMCA was not unconstitutional, and that while it did place a burden on users accessing works for fair use, the DMCA did not outright restrict fair use. In the case of the ebook example, the ruling observed that the user may have to type a quote from the ebook rather than copy and paste from the unprotected version.

321 Studios v. Metro Goldwyn Mayer Studios, Inc. – 321 Studios made copies that allowed users to copy DVDs, including those with CSS copy protection, to another DVD or to a CD-ROM. The company sought declaratory judgment from MGM Studios that their software did not violate the DMCA, or sought to have the DMCA ruled unconstitutional. The case, heard in the United States District Court for the Northern District of California, ruled against 321 Studios on both arguments. The court ruled that 321 Studios' software was not protected speech and violated the DMCA. Additionally, they argued that the issues pertaining to the constitutionality of the DMCA were answered by prior cases, as case law from Corley and Elcom effectively established that the DMCA could not be challenged on the basis of constitutionality.

Durable goods case law
Chamberlain Group, Inc. v. Skylink Technologies, Inc. – Chamberlain manufactured garage door openers and accessories, while Skylink created universal remotes that worked with a variety of door openers. Chamberlain developed a security protocol for its remotes that matched the remote to the door via software-based rolling code; this was intended to prevent unauthorized opening. Skylink utilized a resynchronization feature of the Chamberlain security software to create a universal remote that worked with the Chamberlain openers. Chamberlain sued Skylink, arguing that the rolling code was effectively an access control device, and Skylink violated the DMCA. Both the United States District Court for the Northern District of Illinois and the United States Court of Appeals for the Federal Circuit ruled in favor of Skylink that there was no DMCA violation. The courts ruled the DMCA did not create a new property right, and thus consumers that owned Chamberlain's product had a right to circumvent any restrictions, since this was typical practice on the market. They also pointed out that customers purchasing a Chamberlain garage door opener did not sign an end user license agreement waiving those rights.

Lexmark International, Inc. v. Static Control Components, Inc. – Lexmark had developed a lock-out mechanism for its inkjet printers that would prevent use of any third party ink cartridges. The mechanism used a program in the printer along with an electronic chip on the cartridge to validate the authenticity of the product. Static Control Components reverse engineered the chip using the program from the printer and were able to make their own ink cartridges compatible with Lexmark printers. Lexmark sued, claiming a DMCA violation, and won at the District Court. However, the case was overturned shortly after by the United States Court of Appeals for the Sixth Circuit. The Sixth Circuit acknowledged that Lexmark's programs to manage the lockout were copyrightable and thus eligible for protections under the DMCA. However, the appeals court pointed out that Lexmark failed to include an anti-circumvention device that "effectively controls access" to the printer lockout program.

Linking to infringing content
Case law is currently unsettled with regard to websites that contain links to infringing material; however, there have been a few lower-court decisions which have ruled against linking in narrowly prescribed circumstances. It is considered a violation when the owner of a website has been issued an injunction against posting infringing material on their website, and then links to the same material to circumvent the injunction. Another area involves linking to software or devices which are designed to circumvent digital rights management devices, or links from websites whose sole purpose is to circumvent copyright protection by linking to copyrighted material.

Edelman v. N2H2
In July 2002, American Civil Liberties Union filed a lawsuit on the behalf of Benjamin Edelman, a computer researcher at Berkman Center for Internet and Society, seeking a declaratory judgment to affirm his first amendment rights when reverse engineering the censorware product of defendant N2H2 in case he intended to publish the finding. N2H2 filed a motion to dismiss, which the court granted on the basis that Edelman had not finished reverse engneeering, and the court did not make advisory opinions.

RealNetworks, Inc. v. DVD Copy Control Association, Inc.
In August 2009, the DVD Copy Control Association won a lawsuit against RealNetworks for violating copyright law in selling its RealDVD software, allowing users to copy DVDs and store them on a harddrive. The DVD Copy Control Association claimed that Real violated the DMCA by manufacturing and trafficking a tool that circumvented anti-piracy measures ARccOS Protection and RipGuard, as well as breaking Real's licensing agreement with the Content Scrambling System.

Viacom Inc. v. YouTube, Google Inc.
On March 13, 2007, Viacom filed a lawsuit against YouTube and its corporate parent Google for copyright infringement seeking more than $1 billion in damages. The complaint was filed in the U.S. District Court for the Southern District of New York.

Viacom claims the popular video-sharing site was engaging in "massive intentional copyright infringement" for making available a contended 160,000 unauthorized clips of Viacom's entertainment programming. Google relied on the 1998 Digital Millennium Copyright Act's "safe harbor" provision to shield them from liability.

On June 23, 2010, U.S. District Judge Louis Stanton granted summary judgment in favor of YouTube. The court held that YouTube is protected by the safe harbor of the DMCA. Viacom appealed to the U.S. Court of Appeals for the Second Circuit.

On April 5, 2012, the federal Second Circuit Court of Appeals vacated Judge Louis Stanton's ruling, and instead ruled that Viacom had presented enough evidence against YouTube to warrant a trial, and the case should not have been thrown out in summary judgment. The court did uphold the ruling that YouTube could not be held liable based on "general knowledge" that users on its site were infringing copyright. The case was sent back to the District Court in New York, and on April 18, 2013, Judge Stanton issued another order granting summary judgment in favor of YouTube. Before it was sent back to the Court of Appeals, a settlement was reached; no money changed hands.

IO Group, Inc. v. Veoh Networks, Inc.
On June 23, 2006, IO Group, Inc. filed a complaint against Veoh Networks, Inc. in the U.S. District Court for California's Northern District.

IO Group alleged that Veoh was responsible for copyright infringement by allowing videos owned by IO Group to be accessed through Veoh's online service without permission over 40,000 times between the dates June 1 and June 22.

Veoh is a Flash video site relying on user contributed content. IO Group argued that since Veoh transcoded user uploaded videos to Flash format it became a direct infringer and the materials were under their direct control, thereby disqualifying them for DMCA safe harbor protection.

The ruling judge disagreed with the argument, stating that

"Veoh has simply established a system whereby software automatically processes user-submitted content and recasts it in a format that is readily accessible to its users. Veoh preselects the software parameters for the process from a range of default values set by the thirdparty software... But Veoh does not itself actively participate or supervise the uploading of files. Nor does it preview or select the files before the upload is completed. Instead, video files are uploaded through an automated process which is initiated entirely at the volition of Veoh's users."

The Court has granted the Veoh's motion for summary judgment, on the basis of the DMCA, holding that the defendant's video-sharing web site complied and was entitled to the protection of the statute's "safe harbor" provision. Even though Veoh won the court case, it blamed the litigation as one of the causes of its preparing to file Chapter 7 bankruptcy and its subsequent sale to Qlipso.

Vernor v. Autodesk, Inc.
After numerous DMCA takedown notices in response to his eBay listings, Timothy S. Vernor sued Autodesk in August 2007, alleging that Autodesk abused the DMCA and disrupted his right to sell used software he bought at a garage sale. In May 2008, a federal district judge in Washington State Autodesk's authorized that the software's license agreement preempted the seller from his rights under the first-sale doctrine. In September 2010, the U.S. Court of Appeals for the Ninth Circuit reversed, holding that "a software user is a licensee rather than an owner of a copy where the copyright owner (1) specifies that the user is granted a license; (2) significantly authorized the user's ability to transfer the software; and (3) imposes notable use authorizations."

Lenz v. Universal Music Corp.
In 2007, Stephanie Lenz, a writer and editor from Gallitzin, Pennsylvania made a home video of her 13-month-old son dancing to the Prince song "Let's Go Crazy" and posted a 29-second video on the video-sharing site YouTube. Four months after the video was originally uploaded, Universal Music Group, which owned the copyrights to the song, ordered YouTube to remove the video enforcing the Digital Millennium Copyright Act.

Lenz notified YouTube immediately that her video was within the scope of fair use, and demanded that it be restored. YouTube complied after six weeks—not two weeks, as required by the Digital Millennium Copyright Act—to see whether Universal planned to sue Lenz for infringement. Lenz then sued Universal Music in California for her legal costs, claiming the music company had acted in bad faith by ordering removal of a video that represented fair use of the song.

In August 2008, U.S. District Judge Jeremy Fogel of San Jose, California ruled that copyright holders cannot order a deletion of an online file without determining whether that posting reflected "fair use" of the copyrighted material.

On February 25, 2010, Judge Fogel issued a ruling rejecting several of Universal's affirmative defenses, including the defense that Lenz suffered no damages.

In 2015, the court ultimately upheld the finding that Universal was liable under 17 USC 512(f) (the DMCA's bad faith notice and takedown provision) for failing to consider fair use before sending its initial takedown notice.

Flava Works Inc. v. Gunter
In the case of Flava Works Inc. v. Gunter the court denied the defendant safe harbor protection under DMCA. The district court found that the defendant had knowledge of its users' infringing activity and also failed to prevent future infringing activity. As such the plaintiff's motion for preliminary injunction was granted. On appeal, however, the Seventh Circuit vacated the injunction, citing the standard set in eBay Inc. v. MercExchange, L.L.C., which states that courts should not rely on categorical rules as a standard for injunction.

Ouellette v. Viacom International Inc.
In this case of Ouellette v. Viacom International Inc., the court denied plaintiff's attempt to find liability for YouTube and Myspace's takedowns of the plaintiff's homemade videos. Despite potential fair use claims, the court found it impossible to use the DMCA takedown provisions as a foundation for liability. The court found that the safe harbor provision serves "to limit the liability of internet service providers, not to create liability that could not otherwise be imposed under existing law independent of the DMCA."

Sony v. George Hotz
In January 2011, Sony Computer Entertainment sued George Hotz over violating the Section 1201 of the Digital Millennium Copyright Act as well as the Federal Fraud and Abuse Act due to facilitating consumers to jailbreak their PlayStation 3 consoles. Hotz argued that because he had purchased the product, he had the right to do with it as he pleased. After three months, Sony and Hotz decided to settle out of court. This also included an injunction against George Hotz, barring him from hacking any more Sony products.

Automattic, Inc. and Oliver Hotham v. Nick Steiner
In 2013, Oliver Hotham wrote an article on WordPress (owned by Automattic, Inc.) critical of Straight Pride UK that included material from a press release sent to him by Straight Pride UK's press officer, Nick Steiner. Steiner sent WordPress a DMCA takedown notice claiming that Hotham's article infringed their copyright. WordPress and Hotham sued in a federal District Court in California, under §512(f) of the DMCA, claiming that the takedown notice was fraudulent, and that the takedown cost the plaintiffs time, lost work and attorneys' fees. In 2015, the court issued a default judgment in favor of WordPress and Hotham in the amount of $25,084.

Abuse of takedown notice
Google asserted misuse of the DMCA in a filing concerning New Zealand's copyright act, quoting results from a 2005 study by California academics Laura Quilter and Jennifer Urban based on data from the Chilling Effects clearinghouse. Takedown notices targeting a competing business made up over half (57%) of the notices Google has received, the company said, and more than one-third (37%) "were not valid copyright claims."

Currently, there are three main abuses of the DMCA. First, fair use has been a legal gray area, and subject to opposing interpretations. This has caused inequity in the treatment of individual cases. Second, the DMCA has often been invoked overbearingly, favoring larger copyright holders over smaller ones. This has caused accidental takedowns of legitimate content, such as a record company accidentally removing a music video from their own artist. Third, the lack of consequences for perjury in claims encourages censorship. This has caused temporary takedowns of legitimate content that can be financially damaging to the legitimate copyright holder, who has no recourse for reimbursement. This has been used by businesses to censor competition.

The use of DMCA-enabled takedown notices has been raised for a number of services that allow users to provide content. Early concerns were focused on peer-to-peer file sharing services such as BitTorrent. Such services grew after Napster was sued by several music industry groups in A&M Records, Inc. v. Napster, Inc. (2001) which ruled that Napster was liable for enabling copyright infringement under the DMCA since they maintained central servers that tracked file sharing; by switching to the peer-to-peer model, these new services avoided this possible legality. However, some still saw legal challenges, such as MGM Studios, Inc. v. Grokster, Ltd. (2005) based on the fact they were operated commercially and promoted the ability to share copyrighted works. Non-commercial and open-source peer-to-peer services were able to survive from these case laws, leading entertainment groups to deploy software on the services to track downloads, and subsequently attempted to serve takedown notices and sue users on the services for copyright violations under the DMCA since around 2003. However, many of these methods were imprecise, leading to a number of false accusations at users.

Abuse of the anti-circumvention provision
In 2015 Volkswagen abused the DMCA to hide their vehicles' emissions cheat. It has been suggested that had the DMCA not prevented access to the software "...a researcher with legal access to Volkswagen's software could have discovered the code that changed how the cars behave in testing..."

Effect on analog video equipment
Analog Copy Protection (ACP), the encryption technology created by Rovi Corporation (formerly Macrovision, now TiVo), is designed to thwart users' attempts to reproduce content via analog cables. When a DVD is played through an analog video cable and recorded using a VCR, Rovi's ACP technology will distort the copy partially or completely.

The technology works by adding additional lines to the video signal. In the NTSC video standard, blank lines (vertical blanking intervals) that the user cannot see are used for functions like closed captioning. Rovi Corporation uses these blank lines to implement its ACP technology.

The implementation of ACP has been ill-regarded by some video enthusiasts. Many claim that the technology has led to signal issues with VCRs and analog video equipment. Some VCRs misread the encryption used to prevent copying, distorting the video image regardless of whether the recording is original or a copy.

The DMCA has been criticized for forcing all producers of analog video equipment to support the proprietary copy protection technology of Rovi Corporation, a commercial firm. The producers of video equipment are forced by law to support and implement the corporation's proprietary technology. This benefits Rovi Corporation financially, whereas those forced to implement it receive neither profit nor compensation.

Additionally, some criticize the implementation of ACP as a violation of their fair use rights. A TV-streaming product called the Slingbox uses analog signals to convey video from television to a mobile device. However, the encryption used by ACP blocks analog transmission, rendering the Slingbox unusable. Additionally ACP blocks the use of recording for educational purposes. On one or more accounts, students have not been able to cite and record cable sources properly due to ACP restrictions.

Effect on research
The DMCA has affected the worldwide cryptography research community, since an argument can be made that any cryptanalytic research violates, or might violate, the DMCA. The arrest of Russian programmer Dmitry Sklyarov in 2001, for alleged infringement of the DMCA, was a highly publicized example of the law's use to prevent or penalize development of anti-DRM measures. While working for ElcomSoft in Russia, he developed The Advanced eBook Processor, a software application allowing users to strip usage restriction information from restricted e-books, an activity legal in both Russia and the United States. Paradoxically, under the DMCA, it is not legal in the United States to provide such a tool. Sklyarov was arrested in the United States after presenting a speech at DEF CON and subsequently spent nearly a month in jail. The DMCA has also been cited as chilling to legitimate users, such as students of cryptanalysis (including, in a well-known instance, Professor Edward Felten and students at Princeton), and security consultants such as Niels Ferguson, who has declined to publish information about vulnerabilities he discovered in an Intel secure-computing scheme because of his concern about being arrested under the DMCA when he travels to the U.S.

Effect on innovation and competition
In at least one court case, the DMCA has been used by open source software projects to defend against conversion of software (i.e., license violations) that involved removal of copyright notices.

Jonathan Bailey of Plagiarism Today argued that the DMCA has left Kindle Direct Publishing (an Amazon subsidiary) with no incentive to find new innovations for vetting submitted books for plagiarism or copyright theft before allowing them to be published. According to Bailey, "Amazon doesn't do much to vet the books it publishes. Plagiarism isn't even mentioned in its KDP help files. What this means is that it's trivial to publish almost anything you want regardless of the quality of the work or, in these cases, how original it is. In fact, many complain that Amazon fails to vet works for even simple issues such as formatting and layout. Though Amazon will, sometimes, remove works that violates their terms of service after they get complaints, they're happy to sell the books and reap the profits until they get such a notice. And, from Amazon's perspective, this is completely legal. They are protected by the Digital Millennium Copyright Act (DMCA) as well as other laws, in particular Section 230 of the Communications Decency Act, that basically mean they are under no obligation to vet or check the works they publish. They are legally free to produce and sell books, physical and digital, regardless of whether they are plagiarized, copyright infringing or otherwise illegal."

Legislative reform
There have been several Congressional efforts to modify the Act. The Unlocking Technology Act of 2013 was introduced to attempt to exempt non-infringing uses from the anti-circumvention clause. However, the bill was not passed by Congress. In 2014, the Unlocking Consumer Choice and Wireless Competition Act was passed, granting a specific exemption for unlocking cell phones, without affecting the other provisions of the DMCA.

Bills in 2015 included the Unlocking Technology Act of 2015, and the Breaking Down Barriers to Innovation Act of 2015. Republicans are considering legislation as well, as it becomes clear that Section 1201 is impeding the country's security. Facing escalating numbers of cyberthreats, cybersecurity researchers petitioned to conduct research to keep pace with evolving cybersecurity risks and vulnerabilities, stating: "Without such an exemption, security risks will lie unaddressed and the public will be substantially less safe." The bills are intended to address the fact that section 1201 prevents circumvention even when doing so is not copyright infringement. In addition, the section requires exemption proponents to bear the burden of proof every time their exemption comes up for triennial review, instead of there being a presumption of renewal for an exemption whose importance was previously proven.

Rick Boucher, a congressman from Virginia, led previous efforts by introducing the Digital Media Consumers' Rights Act (DMCRA).

A prominent bill related to the DMCA is the Consumer Broadband and Digital Television Promotion Act (CBDTPA), known in early drafts as the Security Systems and Standards Certification Act (SSSCA). This bill, if it had passed, would have dealt with the devices used to access digital content and would have been even more restrictive than the DMCA.

Senator Thom Tillis introduced a draft revision of the DMCA in December 2020. A fundamental change in his language would be to support "notice and stay down" for service providers, requiring them to take measures to prevent material that has already been determined to be violating copyright to be re-uploaded by users. While the draft was praised by the entertainment industry, free speech advocacy groups feared the language would require services to employ automatic filtering and would further limit freedom of expression.

Opposition
On the fifth anniversary of the DMCA, and several times afterwards, the Electronic Frontier Foundation documented harmful consequences of the anti-circumvention provisions. They document that the DMCA:


 * 1) Stifles free expression, such as in its use against Russian programmer Dmitry Sklyarov, Princeton Professor Edward Felten, and journalists;
 * 2) Jeopardizes fair use;
 * 3) Impedes competition, such as blocking aftermarket competition in toner cartridges, garage door openers, and enforcing walled gardens around the iPod; and
 * 4) Interferes with computer intrusion laws.

In July 2016, the Electronic Frontier Foundation sued the US government in Green v. Department of Justice alleging that Section 1201 violates the First Amendment.