> The rules in section 512 do not apply.
Assuming you're referring only to the §1201 'anticircumvention' portion of the claim (the main focus of the GitHub post), whether this portion is also subject to §512 rules is a little more ambiguous. §1201 defines a trafficking violation separate from copyright infringement itself, but some court rulings have established a requirement that §1201 violations establish a 'nexus' to copyright infringement in order to be valid. If this requirement holds, §512 safe harbor protections could indirectly cover §1201 claims as well. However, because there's a circuit split on the issue, unless GitHub is sued on this exact point it's impossible to say for sure what rules would apply in this specific case.
In any case, GitHub handled the 1201 takedown claim in reference to its established, documented process in handling takedown notices and counter notices [1], except for the fact that it didn't wait 10-14 days after receiving a counter notice before re-enabling this content. The deviation from their published policy is still itself noteworthy.
[1] https://docs.github.com/en/free-pro-team@latest/github/site-...
It is not clear that the unit tests, if performed, amounted to anything more than fair use. Under the DMCA, it is not necessarily infringement for the script author to circumvent copy controls; section 1201 prohibits sharing copy control circumvention technology with others but does not prohbit the act of copy control circumvention.
If one wanted to make the argument that DMCA 512 safe harbor applies to a section 1201 notice, then I am surprised there has been no mention of "material that is the subject of infringing activity". This language is found in section 512 and in many standard DMCA notice instructions, e.g., Microsoft's
https://www.microsoft.com/info/MSDMCA.html
The youtube-dl script itself is not infringing material. However is it "material that is the subject of infringing activity". If the script only works to circumvent copy controls not access controls, then those unit tests, i.e., the making of unauthorised copies, that may have been performed by the developers, i.e., suspected "infringing activity", are subject to a defense of fair use. If it is fair use then it is not infringing activity and the script cannot be "material that is the subject of infringing activity".
I don't think that even if the first is true, the second is true: even the courts that hold the "nexus" position don't, AFAIK, hold that Sec. 1201 liability requires that the trafficker be already liable for contributory infringement, only that there be a connection of the trafficked circumvention measure to infringement.
OTOH, if its not covered by the safe harbor provision, that doesn't mean notice of the violation is irrelevant; knowledge is explicitly relevant to one route to liability under Sec. 1201, and arguably necessary for any of the others; notice potentially take the host from being an exploited bystander to a liable trafficker, provided that they do not take action to end the trafficking on their platform.
Good point and important distinction- not to say that courts holding the 'nexus' position have already established Section 512 protections for Section 1201 violations, just that I could imagine a legal argument extending the position along these lines. If Section 512 protects services from liability for user-provided software that contributes to copyright infringement, it should also protect services from liability for user-provided software designed for the circumvention of technological measures protecting copyright infringement.
At the very least in the absence of further clarity, it makes sense that GitHub seems to apply section 512 law consistently across Section 1201 claims in addition to copyright infringement claims, not only to simplify their legal procedures but also to leave such a theoretical defense available to them in case they ever need it.
