CryptoServers
启动服务器

· 法律解析

忽略 DMCA 的托管—— what it means, what it doesn't

A precise definition. The DMCA (Digital Millennium Copyright Act, 17 USC §512) is a United States federal statute. It has no extraterritorial force. Hosts whose corporate entity and physical infrastructure sit outside US jurisdiction are not bound by it — DMCA take-down notices that arrive in their inbox have the same legal weight as a strongly-worded email. Cryptoservers is incorporated in Saint Kitts and Nevis, with datacenters in Iceland, the Netherlands, Romania and Switzerland; we do not honour DMCA notices because they have no operative effect over our infrastructure. That does not mean copyright is unenforceable — it means takedown is routed through local court process, not a private letter.

部署服务器 司法管辖区表格
仅法院命令 Saint Kitts & Nevis incorp. IS · NL · RO · CH 加密结账,无 KYC
DMCA-ignored offshore hosting

我们为何忽略 DMCA 通知

Not as a marketing posture — as a legal reality. The statute simply does not reach our infrastructure.

The DMCA is codified at 17 USC §512 as part of US copyright law. Section 512(c), the safe-harbour provision, conditions a US online-service-provider's liability shield on a notice-and-takedown procedure. The statutory text addresses "service providers" as defined in §512(k), and the enforcement mechanism — the §512(j) injunctive-relief framework — sits inside the United States federal courts.

None of those mechanisms have force outside the United States. A foreign court will not enforce a US copyright statute as a free-standing cause of action; bilateral instruments like the Berne Convention oblige member states to <em>protect copyright</em>, not to import US procedural rules. As a Nevisian company with infrastructure in Iceland, the Netherlands, Romania and Switzerland, we sit outside the reach of §512 entirely.

Practically: every week the abuse mailbox receives DMCA notices. They are auto-classified, the customer is informed (so they can comment if they wish), and the content remains up. We do not act on them because we have no statutory obligation to and because doing so on a private letter would amount to private censorship without due process. That is not a service we offer.

「DMCA 是美国联邦法律的产物。其通知与下架程序在美国法院框架内运作,不是国际条约,不约束外国服务提供商。」——国际知识产权学术界对 §512 的普遍解读;参见康奈尔大学法律信息研究所注释。

我们确实遵从的 ——正当程序,而非信函

Cryptoservers is not "above the law" and we have never claimed to be. There are five categories of legal process we are bound by, all narrower than the DMCA.

  • 尼维斯法院命令。 We are incorporated in Saint Kitts and Nevis. Civil and criminal orders properly served and finalised in Nevisian courts are binding on us. The High Court of Justice of Saint Christopher and Nevis is the standard forum.
  • Iceland — local judicial process. Our Reykjavík datacenter is operated under Icelandic law. Court orders issued by the District Court of Reykjavík (Héraðsdómur Reykjavíkur) and finalised by the Supreme Court of Iceland (Hæstiréttur Íslands) bind that PoP. Iceland's IMMI (Icelandic Modern Media Initiative) framework constrains pre-trial takedowns.
  • Netherlands — local judicial process. The Dutch courts (Rechtbank Amsterdam) issue takedown orders under the Civil Code and the implementing legislation of the EU eCommerce Directive (now DSA). We honour those orders, narrowly scoped to the content they identify.
  • Romania — local judicial process. Romanian courts (Tribunalul Bucureşti) issue orders under Law no. 365/2002 (eCommerce) and the DSA. Romania's Constitutional Court ruling in 2014 (Decision no. 440/2014) struck down the previous mandatory data-retention regime, narrowing the categories of compelled disclosure.
  • Switzerland — local judicial process. Swiss courts (Bezirksgericht Zürich) issue orders under the Civil Code Art 28a and the Federal Act on Data Protection (FADP). Switzerland is outside the EU and outside the 14-Eyes signals-intelligence agreement; local jurisdiction is the only route.

A binding order of the kind above gets a documented response. Our <a href="/zh/canary/">warrant canary</a> publishes the count of orders honoured per quarter (and signals if a US, Five-Eyes or other foreign-jurisdiction order has ever been complied with — by going un-signed if so).

DMCA-equivalent statutes 按司法管辖区

Every country has some intermediary-liability framework for copyright. They differ in whether a private notice triggers takedown, or whether a court order is required. This table lays out the five jurisdictions touching our infrastructure (plus the US for comparison).

司法管辖区 等效法律 下架触发条件 留存义务 Cryptoservers 的状态
Saint Kitts & Nevis Copyright Act, Cap 18.08; Electronic Transactions Act, Cap 4.21 法院命令 ISP/主机商无强制要求 具有约束力(公司注册地)
Iceland (IS) Act on Electronic Commerce no. 30/2002; IMMI framework 法院命令 有限;被欧盟裁决推翻 具有约束力(数据中心)
Netherlands (NL) EU eCommerce Directive Art 14; DSA Art 6 (Reg 2022/2065) 法院命令或实际知悉非法行为 无强制要求 具有约束力(数据中心)
Romania (RO) Law no. 365/2002 (eCommerce); DSA 法院命令 2014 年裁决后无强制要求 具有约束力(数据中心)
Switzerland (CH) ZGB Art 28a; URG (Copyright Act); FADP 法院命令 对主机商无要求(BÜPF 豁免) 具有约束力(数据中心)
United States (US) 17 USC §512 (DMCA) 私人通知(无需法院) 无强制要求 不具约束力(无美国存在)

The pattern is consistent: every jurisdiction we operate in requires a court order or its equivalent ("actual knowledge" under the eCommerce Directive — interpreted by Dutch and German case law as effectively requiring a court adjudication for ambiguous claims). The United States is the outlier with its private-notice trigger; we are the outlier in not being subject to it.

忽略 DMCA 不意味着

The honest section. Confusing "DMCA-ignored" with "lawless" gets people in trouble — they assume we are a haven for things we are emphatically not.

不是以下内容的庇护所: CSAM, credible threats of violence, active phishing infrastructure, malware command-and-control, doxxing campaigns, or anything else that crosses into criminal law in our operating jurisdictions. We act on credible reports for these categories within 48 hours and we cooperate with criminal investigations conducted through proper local process.

刑法无论如何均适用。 Saint Kitts and Nevis, Iceland, the Netherlands, Romania and Switzerland all criminalise the same core categories: child sexual abuse material, credible threats, fraud, money-laundering, terrorism financing. None of that becomes legal because the DMCA does not reach us. If your business is in those categories, no offshore host should sell you service — including us.

DMCA 司法管辖区的用户仍可能直接收到针对自身的通知。 A US-resident user accessing our VPS may see DMCA notices arrive at their home ISP, naming the user's home IP for the access traffic. The notice does not reach Cryptoservers, but it does reach the user. EU users may face Article 14 routing letters from their own ISPs. Operating an ID-tied home connection while running a service that draws DMCA fire is its own threat model, separate from where the VPS lives.

Intermediary liability is a moving target. The EU Digital Services Act (effective 2024 for VLOPs, 2024 for general intermediaries) tightened notice-and-action rules, increased transparency-reporting obligations, and gave national regulators more enforcement teeth. Romania's DNSC and the Dutch ACM now have direct supervisory authority over hosts in their jurisdictions. We comply with DSA reporting; that compliance does not change our practical position on private DMCA letters but it does add procedural overhead we now meet.

「忽略 DMCA」≠「防弹主机」。 Bulletproof hosting is a black-market term for hosts who knowingly accept obvious criminal customers. We are emphatically not bulletproof, and conflating the terms damages the legitimate use case (journalism, activism, security research, archival, censorship-circumvention).

忽略 DMCA 的托管 常见问题

Eight questions buyers and journalists ask us most about the DMCA-ignored property and what it means in practice.

忽略 DMCA 的托管合法吗?
Yes — the DMCA is a US federal statute (17 USC §512) and has no extraterritorial force outside the United States. A non-US host that does not operate in the US is under no obligation to honour DMCA notices. What it must honour is whatever the local intermediary-liability framework requires (in the EU, the eCommerce Directive Article 14; in the UK, the Electronic Commerce Regulations 2002; in Switzerland, ZGB Article 28a) — and those generally trigger only on a court order, not on an unverified takedown letter from a private claimant.
Can I host pirated content on a DMCA-ignored server?
No. Copyright still exists in our jurisdictions; it is just enforced differently. Operating a piracy site is illegal almost everywhere, including Saint Kitts and Nevis (Copyright Act, Cap 18.08). What "DMCA-ignored" means is that the United States cannot use a private notice to compel us to remove content — it does not mean copyright is unenforceable. A Nevisian court order based on a credible copyright claim would still bind us.
Will my home ISP or my employer get a notice if I host on a DMCA-ignored server?
They might still receive a notice routed through their own jurisdiction, because the DMCA targets the US-facing components of an alleged infringement. If you are a US resident accessing your VPS, your ISP may receive a notice naming your home IP. If you are an EU resident, your ISP may receive an Article 14 routing letter. The notices will not reach Cryptoservers; they may reach you directly through other parts of the network. Plan accordingly.
What happens if a court order is served on Cryptoservers?
It depends on which court. We are bound by orders from Nevisian courts and by the local-jurisdiction process where each datacenter sits (Iceland MoJ, Swiss judiciary, NL court, RO court). A US, UK or German court order without a corresponding local recognition has no operative effect and we will not act on it. If a Nevisian court issues a binding order we comply, narrowly scoped to what the order actually compels. Our warrant canary publishes the count quarterly.
Do you ignore non-US copyright takedown notices too?
We process notices the same way regardless of source country — they are forwarded to the customer, who has 14 days to respond. We do not unilaterally take content down on a private complaint. We do unilaterally take content down for what is illegal in our jurisdiction (CSAM, credible threats, malware C2). Copyright disputes between two private parties go through court process; private letters do not.
How is "DMCA-ignored" different from "bulletproof hosting"?
They are not synonyms — and the conflation is harmful to the legitimate use case. "Bulletproof" hosting is a black-market term for hosts who knowingly accept obvious criminal customers (spam, phishing, malware C2) and refuse to act on any abuse report regardless of merit. We are emphatically not bulletproof: we accept abuse reports for criminal categories and act on them within 48 hours. "DMCA-ignored" describes the narrow legal property that US private takedown notices have no force in our jurisdiction — nothing more.
Is DMCA-ignored hosting useful for any specific use case beyond piracy?
Yes — and these are the actual customer profiles we see: independent journalists publishing leaked documents whose subjects file mass DMCAs to suppress them; security researchers publishing vulnerability proofs whose disclosures are challenged by the affected vendor as "copyright infringement"; archivists hosting public-domain or fair-use derivative works repeatedly mass-flagged by automated bots; whistleblower platforms; censorship-circumvention tools whose binaries are filed against by states. None of those need legal immunity; they need due process before takedown.
What about EU eCommerce Directive Article 14 and the new DSA?
For our Netherlands and Romania datacenters the relevant framework is the EU eCommerce Directive Article 14 (now updated by the Digital Services Act, Regulation 2022/2065). Article 14 / DSA Article 6 grants intermediaries a safe harbour as long as they act to remove specifically-identified illegal content upon "actual knowledge". We treat a court order as actual knowledge; we do not treat a private letter as such. The DSA also imposes notice-and-action requirements which we comply with — but compliance does not mean automatic takedown.

法规、裁决与外部引用

一手资料:
17 USC §512 — DMCA (Cornell Legal Information Institute)
EU eCommerce Directive 2000/31/EC, Article 14
Digital Services Act — Regulation (EU) 2022/2065
Romania Constitutional Court Decision no. 440/2014 (data retention)
Iceland — IMMI (Icelandic Modern Media Initiative)
Wikipedia — Digital Millennium Copyright Act
EFF — DMCA issue archive

响应以下要求的托管 法院命令,而非信函。

五个离岸司法管辖区,DMCA 无效,纯加密结账,无 KYC。部署时选择国家。

部署服务器 对比司法管辖区