Our first example of forced takedown has to do with our Nitter instance. Nitter is a front end for Twitter, a proxy service. All it does is requesting a page from Twittter on your (the visitor) behalf. It will only display the Twitter content, without trackers and using its own (more humane theme). It is not storing any data on the server.

Our instance: bird.trom.tf/

No page on bird.trom.tf/ exists unless you visit it to generate it. Remember this.

On 11/8/22, 17:35 we have received this from our hosting provider:

Dear ******,

We have received complaints about your VPS XL SSD, specifically about the following IP address(es):

*******

Please see the forwarded e-mail below for more details. Apparently, your VPS XL SSD is used for phishing which is strictly forbidden by our ToS.

Abuse is a serious threat in the Internet and can cause a huge amount of damage; thus, we ask for your understanding that once an ABUSE case is reported to us, we must handle abuse strictly and with no tolerance.

Please take immediate action to stop the ongoing server misuse. It is required that you solve the problem within the next 12 hours, and that we receive your reply within this period, too. Your reply must contain all information which enable us to understand exactly which measures you took to stop the abuse and prevent such or similar incidents in the future.

We will suspend access to your VPS XL SSD if we do not receive your reply within the given time frame, and if the problem is not solved in due time; both is essential - the solution and your response. The reactivation of a VPS XL SSD always demands a reactivation fee of at least €36.30. Please respond in due time to save these expenses.

We would appreciate your immediate attention to this matter.

Original complaint from tfp.report.ctac@appgate.com
Subject: Unauthorized Use of Trademark

The original complaint that was sent to our hosting provider was this:

Greetings,
This is an official message from AppGate, on behalf of our Banco del Pacifico G.F.
We need your cooperation in the removal of the content located in the site:
bird.trom.tf/BancoPacificoEC
The target site is the following URL(s):
twitter.com/BancoPacificoEC
We kindly ask you to shut down this content as soon as possible. We expect a prompt and affirmative response.

Thanks for helping make the Internet safer.

Sincerely,

DTP Team - Appgate

We replied:

Dear Contabo,

For one bird.trom.tf/BancoPacificoEC is a front-end access to the twitter page twitter.com/BancoPacificoEC. It is not a content that is available on our server. We are using Nitter a Twitter front-end github.com/zedeus/nitter . Like thousands do. How can we be responsible for the Twitter content now? This is not something we can ever remove since it is not on our server. Please understand.

Second, did you check to see if this bank account is phishing? bancodelpacifico.com/ - they have a verified Twitter account and all that. They seem like any other bank...

Please get back to me on this or put me in contact with the ones who filled the complain.

Cheers!

I thought for sure that they accuse us of mirroring a real Twitter phishing account.

But well, we were worried that they will shut down our entire server that hosts 20+ Open Source services that thousands of people use, so the same day we sent another email because no one would reply:

So this is a proxy service, mind you. If the ones contacting you are the owners of that Twitter account please make them aware that it is legal to host proxies and we do not host any materials from this proxy on our server. Here is a discussion about Nitter and DMCA github.com/zedeus/nitter/issue…

Sent one more because we were stressed by the 12 hour deadline they gave us:

Hello,

bird.trom.tf hosts Nitter, a private Twitter front-end, meaning it is simply a proxy to access Twitter assets and user generated content without tracking from Twitter. Thus, all content is proxied from Twitter and is not stored on our servers and if Twitter chooses to remove an asset, it will no longer appear on our site.

Our bird.trom.tf is hosted in the European Union, so the European Union's laws apply. Under the directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonization of certain aspects of copyright and related rights in the information society, "temporary acts of reproduction referred to in Article 2, which are transient or incidental [and] an integral and essential part of a technological process and whose sole purpose is to enable: a transmission in a network between third parties by an intermediary" is allowed, and legal.

As such, all takedown requests must be sent to Twitter, as we don't have any control on the data that they have on their servers.

Thank you,

After several hours of no reply we sent one more:

So please be mindful and do not remove our server. The link bird.trom.tf/BancoPacificoEC is not phishing. You gave me 12h to fix the problem and since you have not replied for the past hours I am concerned about that short deadline. I may not be available for the next 10 hours from now on, simply because I may be asleep, so please do not remove our server as it has not breached any of your ToS.

We got no reply until 22/8/22 10:46. 11 days later! We got this:

Dear ****,

So, where is the final solution? We will give 12 hours to finally close this case.

If you have any questions or need help, please do not hesitate to contact us.

And we replied:

Hello,

bird.trom.tf hosts Nitter, a private Twitter front-end, meaning it is simply a proxy to access Twitter assets and user generated content without tracking from Twitter. Thus, all content is proxied from Twitter and is not stored on our servers and if Twitter chooses to remove an asset, it will no longer appear on our site.

Our bird.trom.tf (Nitter) is hosted in the European Union, so the European Union's laws apply. Under the directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonization of certain aspects of copyright and related rights in the information society, "temporary acts of reproduction referred to in Article 2, which are transient or incidental [and] an integral and essential part of a technological process and whose sole purpose is to enable: a transmission in a network between third parties by an intermediary" is allowed, and legal.

As such, all takedown requests must be sent to Twitter, as we don't have any control on the data that they have on their servers.

I am waiting for your response.

Cheers!

An hour later, no reply. We emailed again:

Please reply today so we can settle this. If you want you can even call me. My phone number is in my account details. I would be illegal under the EU law to remove my server because of a legal service. A proxy one that does not store any data on your servers.

I am waiting for your reply!

2 hours later, no reply, we emailed them again:

I could also seek the advice and involvement of the Electronic Frontier Foundation about this case, because if you decide to remove our server for something that is legally protected, then the precedent is dangerous and needs to be addressed.

I have contacted you a few hours ago and you did not reply, yet you gave me 12h to solve this issue and/or to contact you, which I have done.

So please reply to me and please do not remove the server.

Two more hours later, no reply. Being concerned that they will remove our entire server we decided to make that Nitter link not accessible via Nginx. That's the best we could do. We were forced to do that because no one at Contabo would even engage with us over this. We had no options. It was a mafia style "non-discussion", "do as I told you" approach by the Contabo company.

We emailed:

The URL bird.trom.tf/BancoPacificoEC is now gone. This is an illegal request and I felt bullied into removing a link that did not host anything phishing related and no content at all. This is not ok and I will contact several organizations to help me with this abuse.

You should understand that what the complaint requested was an illegal request, but since I was threatened with the closure of my entire server in less than 12h, and thus over 20 websites hosted there, I was forced to remove that URL.

Now that the URL is gone, you can close this case. I will contact you soon in regards to this decission.

And emailed again:

Tomorrow I will not be home for most of the day, and now that the link has be removed (unfairly) you have no reason to delete our server. I hope you are reasonable people and act the same. And not forget that I've been forced to remove a link that was neither phishing, nor did it store any content. It was a proxy link from a very popular proxy service called Nitter.

They replied:

Dear ****,

Thank you very much for your response.

The complaint seems to be solved; thus, we have closed this case and no further steps are requested from your side at the moment. If we should receive further complaints about your used services, we will contact you again.

Thank you for your cooperation.

Fuck them! "thank you for your cooperation"....motherfuckers. There was no cooperation. It was them forcing me to remove a URL that was not a phishing URL as it was claimed to be, nor did it store any content.

I replied:

Dear Contabo,

This was far from "cooperation", I was forced by you to remove a link that was not phishing, nor did it contain any content. You refused to reply to any of my arguments or look into this.

I am terribly disappointed in you, and I will stop recommending Contabo to anyone.

I will do my best to forward this case to different organizations that could help me pierce through your silence, because you have been bullied by whatever company contacted you, to remove a legal link, and thus abuse people like me who are paying for your service.

Do you have any comments in regards to your decision to force me to remove that URL?

And now I will try to contact EFF or other similar organizations about this issue. If anyone can help, please let me know. If this becomes the norm, then any link from any of our website, can be subject to removal.

This is unacceptable.

UPDATE.

25.08.22

The company:

Thank you for your response.

There are new changes in Germany regarding copyright violations that forced us to remove all domains from our network that are providing protected contents.

Either you provide for us and every visitor the declaration of consent of the right holder to each individual product or its confirmation that you are the right holder. Otherwise, we will be forced to remove this website. This comes also in action for redirections, quotes and shared posts.

We know that this is strict, but we are bound by the law and hope for your understanding.

Us:

Would would be kind to tell me what set of laws we are talking about? This is extremely strict. Sounds like you are not allowed to host anything but your own personal photos for example.

Second, are these laws only applying for the servers hosted in Germany by Contabo? Would it be better to migrate to a different region?

Them:

Thank you for your e-mail.

Yes, the German copyright law is really very strict, and affects all companies based in Germany, including in our case our data centers in other countries.

The copyright law states that content may only be uploaded if its creator or owner has explicitly confirmed this.

Us:

Hi,

I felt like I was given no chance to defend myself when you contacted me. And I contacted others for legal advice and I was given some, but you had ignored it. You did not address it at all. I showed you that proxy services are legal in all of the EU "Under the directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001". So how am I going to know if what you did was legal or not if I am not provided any details about your decision?

Do you understand my frustration?

Right now, based on my experience with Contabo, you guys can any day ask me to remove any link at your will, and I cannot do a thing about it. This is truly disturbing to me.

Now can you please take your time and explain to me under what exact law does it say it is illegal in Germany to host a proxy service that uses the official API of Twitter, which allows exactly for what we are doing with bird.trom.tf (Nitter).

Please take your time and explain to me. I think it is fair towards me to have an explanation of this.

Thanks

Them:

we don't have to have a legal debate, because I don't think there's a lawyer sitting on either side right now. It is also completely irrelevant: We don't want our network to be affected, by repeated complaints. We are allowed to protect our reputation, and that is what we are doing here. Besides, it's perfectly clear that you can't use someone else's copyright.

It is clear by now that they just bend to whoever contacts them with an abuse report. They do not want or have the resources to do anything more than bully their "clients" into taking down whatever it is requested. Not surprised...