The blockchain community started with the promise of decentralizing finance. But nowadays, the headlines are dominated by the larger vision to decentralize art.

It is a vision worthy of building. But so far, web3’s efforts to monetize artwork don’t work well with copyright law’s efforts to do the same—for two reasons:

1. Culture. web3 founders don’t care about artists’ copyrights.

2. Technology. A truly decentralized platform can never implement copyright takedowns.

(Please note my ethical disclosures listed at the end of this piece.)

1. web3 founders don’t care about artists’ copyrights

The blockchain OG culture is that only on-chain ownership matters. Any off-chain chain claims of ownership are unenforceable. This culture makes a lot of sense in the world of decentralized finance… but it is incompatible with the legitimacy of rightsholders’ rights under copyright law.

Some blockchain folks enjoy flouting copyright law. The pseudonymous NFT investor VincentVanDough downloaded a bunch of copyrighted profile pictures belonging to Furries—composing the below image NFT and selling it for about $95,000 at the time1.

But ultimately, the Pepe NFT is small potatoes. Other people in the web3 community have started entire projects and companies that play fast and loose with copyrights on a much larger scale:

1. HitPiece. The controversial music startup shut down its website earlier this month after mass outrage from artists. The company raised more than $5 million, scraped Spotify’s API for song metadata, and then used them to sell NFTs representing songs—all without artists’ consent.

2. SpiceDAO. They paid $3 million to purchase a copy of a rare book—intending to publish NFTs and an animated series based on the book. But purchasing an individual book does not grant any copyrights. Otherwise, I’d own the copyrights to the Harry Potter franchise. The DAO did not realize this until after they spent the $3 million.

3. Automated NFT-minting bots. Tokenized Tweets was a Twitter reply bot allowing users to mint an NFT for anybody’s tweet—copyright be damned. Countless other bots are scraping the Internet for content to mint as NFTs. The OpenSea team estimates that over 80% of the NFTs minted with their free minting tool are “plagiarized works, fake collections, and spam.”

4. A long tail of infringing NFT projects. The art social network DeviantArt has sent over 80,000 notifications to their creators—warning that someone else might be making NFTs of their work. The NFT Thefts Twitter account keeps track of individual NFTs with IP stolen from artists.

5. The NFT marketplaces. Marketplaces like OpenSea and Foundation are not infringing on copyrights—their users are. But the marketplaces have to respond to takedown requests to maintain DMCA Safe Harbor immunity. But the marketplaces often refuse to abide by takedowns—citing their Terms of Service2. The marketplaces also keep the fees that they earned from NFTs that were later taken down. That’s a lot of money, given that OpenSea saw more than $2.4 billion in transaction volume in December 2021.

As a result, many prominent artists are now speaking out against blockchains, NFTs, and the people who profit from them [a, b, c, d, e, f, g, h, i, j, k, l, m, n].

2. A truly decentralized platform can never implement copyright takedowns

For a typical image NFT, the metadata is on the blockchain but the image itself is stored on some centralized server. It is possible to issue a copyright takedown against that server—leaving the blockchain metadata pointing at a nonexistent image.

But other projects store their files with a decentralized storage system like IPFS—making it almost impossible to take down infringing content3.

For example, Audius is a blockchain-based4 music streaming site that uses decentralized technologies to store the actual music. But since their launch in 2019, they have been criticized for a rampant rise in copyright infringement on their platform5.

But even if Audius wanted to remove stolen content, their file storage technology makes them unable to. Their music files are served6 by community-run Content Nodes—which sometimes replicate their files to IPFS7.

If a rightsholder wants to issue a takedown notice to Audius, they face several complications:

1. For durability, Audius replicates a song to three different Content Nodes. Currently, there are 39 Content Nodes in total—operated by ten different organizations.

2. Each Content Node operator must individually register with the US Copyright Office as a DMCA Safe Harbor.

3. If a rightsholder wants to remove infringing content, they must track down all Content Node operators hosting it.

4. But even if the Content Nodes delete a file, there could be additional copies that have replicated to the surrounding IPFS network8.

Since their launch in 2019, the Audius team has promised to create a “community arbitration system” for resolving copyright takedowns. However, as of February 2022, no such system has been launched—and there are no details about how it would work.

But Audius has a dilemma here:

• No arbitration system can delete content from IPFS nodes that don’t obey the system.

• Audius could abandon IPFS… at the expense of decentralization. Audius has promised its users that their copyright-infringing content can’t be taken down. Abandoning IPFS would undo those promises.

We cannot build a truly censorship-resistant technological platform and allow for arbitrary censorship. If we include a backdoor capable of deleting any content, our adversaries will inevitably exploit it.

On the other hand, web3’s cultural problem with copyright law should be solvable. We just need to start caring about artists’ rights.

Ethical disclosures

My investments and past employers may influence my writing about blockchains, cryptography, and the music industry:

• In 2019, I worked in a computer security lab at the University of Minnesota known for its analyses of decentralized protocols like Tor.

• At this time of writing, I own Bitcoin, Ethereum, Solana, and STREAM. I have previously sold the ENS DAO governance tokens earned from registering two ENS domain names.