As well they should! Following the laws is part of not being sketchy.
github went way above-and-beyond here. It is under no obligation to:
1) Enforce an invalid DMCA request
2) Take down forks and repos from other users, without DMCA requests
3) Threaten to ban users
DMCA has a simple, neutral process. github receives a request. It's required to take down that specific tool if it's a valid request (NOT everyone who forked it). The developer who owns that repo can then put that up. At that point, github brings that repo back, and gives the RIAA means to file litigate against the developer. It's inspired by the concept of a common carrier, where github would be acting as a neutral party, not a thuggish policeman-for-hire.
If github ignored DMCA requests, I wouldn't do business with them either. I expect them to be a neutral third party, as the law dictates.
I assume others are downvoting because they assume you already know, but DMCA takedowns apply to active distribution of actual copyrighted content (like a mp3 containing music), not to tools that puportedly are for the purpose of enabling infringment. If the RIAA wanted to take down a tool, the not-illegal method would be to file a lawsuit against the developers, recieve (or preferably be denied, since their case has no merit, but that's beside the point) a preliminary injuction from the judge, and present that to GitHub.
To be clear, what the RIAA did isn't illegal. They sent a letter. I'm allowed to send a legal demand letter to you demanding 5 donkeys and a cow for having an insulting username, and even phrase it in Very Intimidating Ways. You're also welcome to ignore it. I can even file a law suit. I won't win (and you can then ask the judge for legal fees), but I'm not doing anything illegal.
What github did probably wasn't illegal either. Most companies can fire a customer for no great reason, which github did.
A perfectly reasonable response, I suspect, might be to start sending github large numbers of inane takedown letters similar to the RIAA one, alleging that random tools can circumvent copy protection. For example, vscode, cpython, and many other projects live on github, and can be used to circumvent copy protection too. That's a true statement.
github is welcome to ignore those letters too, since they don't conform to DMCA requirements. Or they can follow them.
In either case, I'm kind of curious what github would do. I suspect if they randomly kill projects, most projects will go somewhere else. github won't be considered a reliable service provider. Or github will re-evaluate their policies to be more reasonable, and not take down projects willy-nilly, which would be a good outcome too.
Hmm this isn't really true, DMCA takedown requests aren't just a "legal demand" in the sense that anyone can file them, it actually is illegal to file an invalid DMCA takedown request. My point is that the RIAA's DMCA takedown request was valid.
(IANAL) The law is also a lot more nuanced than how you described, since the hypothetical case would probably be thrown out with legal fees covered due to anti-SLAPP laws, but if it didn't fall under that, you probably wouldn't be able to recover legal fees without some sort of counter lawsuit.
IANAL either, but the RIAA letter never claimed to be a valid DMCA 512 takedown letter. It simply listed a series of facts, beliefs, opinions, and requests, none of which seem fraudulent, as far as my lay reading goes.
If someone sends you a letter saying:
"Dear qw3rty01: You're hosting Python. Python can be used to circumvent my copy protection provisions. I believe this is illegal under 17 USC §§1201(a)(2) and 1201(b)(1). I ask that you immediately take down and disable access to Python."
They're allowed to do that.
So long as they have a genuine belief that Python violates §§1201(a)(2) and 1201(b)(1), they've sent a stupid letter, not an illegal one. I believe your only recourse is to ignore it.
Your understanding of legal fees is incorrect:
1) I don't need a countersuit to recover legal fees. I can generally file a motion in the original litigation.
2) The US doesn't have federal anti-SLAPP laws. Some states have anti-SLAPP, but even there, there are open legal questions on how state laws interact with federal law suits. Unless you happen to live in a state with anti-SLAPP and one where precedent says state anti-SLAPP laws apply to a federal law suit, you're probably out of luck.
3) Even so, anti-SLAPP is designed for specific types of legal intimidation; I'm not sure this would qualify.
I just looked at the RIAA DMCA repo, and the situation is more complex than reported. The RIAA got a court ruling of some sort in Germany. That throws all sorts of wrenches into all sorts of analyses.
That's why I asked, because the takedown request wasn't claiming ownership of the youtube-dl code (or that it was just enabling infringement), it was claiming that youtube-dl was breaking DMCA section 1201, which covers circumventing DRM.
github went way above-and-beyond here. It is under no obligation to:
1) Enforce an invalid DMCA request
2) Take down forks and repos from other users, without DMCA requests
3) Threaten to ban users
DMCA has a simple, neutral process. github receives a request. It's required to take down that specific tool if it's a valid request (NOT everyone who forked it). The developer who owns that repo can then put that up. At that point, github brings that repo back, and gives the RIAA means to file litigate against the developer. It's inspired by the concept of a common carrier, where github would be acting as a neutral party, not a thuggish policeman-for-hire.
If github ignored DMCA requests, I wouldn't do business with them either. I expect them to be a neutral third party, as the law dictates.