The Technical Specification for

Copyright-owner Automated Infringement Notification (CAIN)

Version 1, drafted by EchoEkhi on 2023-12-01

This specification details a way for copyright-owners to announce, in a human-friendly and machine-readable way, if and how they would like to be notified if automated systems detect that their copyright may have been taken advantage of by non-right-holders.

The acronym is a reference to the Mark of Cain in the Book of Genesis of Christian mythology, as this mark also serves to protect the right-holders by announcing to everyone else that they're under protection.


The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.


The information relevant to CAIN is contained in a URL, which we shall refer to as a 'mark', similar to this one:

https://copyknight.org/cain://?allow=all&to=mailto:user@example.com&ack=example.com:account_name,example.org:account2&v=1

The most minimal form of the mark is cain://?, which allows anyone to send automated messages to the user on the site the mark is located about any identified infringement.

https://copyknight.org/

Vendor, optional

Identifies the mark's vendor, as well as allowing the mark to be navigable on the Internet, so others can find out what this text means easier.

Should be a valid URL or domain name.

If this field exists, the overall URL formed by the mark should re-direct to a page explaining what the mark indicates.

cain://?

Scheme, mandatory

Identifies that this URL follows the CAIN (Copyright-owner Automated Infringement Notification) specifications. Allows machines to be able to identify the URL easily.

allow=

Allowed senders, optional

Informs the reader which organisations are allowed to send them automated messages.

Possible values:
allow=approved (Default)

Only organisations approved by the Vendor are allowed to send automated notifications.

If this value is implicitly selected and the Vendor field is blank, it has the same effect as allow=all.

If this value is explicitly selected, vendor field must exist in the mark.

The approved vendor list must be accessible at [Vendor's domain name]/_cain/approved.csv in CSV (comma-separated values) format.

allow=all, allow=* Everyone is allowed to send automated notifications.
allow=none

No one is allowed to send any notifications, including manual ones.

This is useful if the work author decides to give up their copyright. Note: this value alone is not sufficient as proof that the author has released their work into the public domain.

allow=[organisation_name](,[organisation_2_name],[vendor_name*] ...)

Only organisations refered to in the value are allowed to send automated messages.

Can contain multiple organisations, separated by commas (,).

Can contain vendor names, which must have an astrisk (*) at the end. All organisations approved by that vendor are allowed to send automated messages.

Names must only contain lower-case letters, dashes (-) and underscores (_), and must be under 20 characters each.

Names must not be approved, all, *, or none.

to=

Inbox, optional

Informs the reader where the automated messages should be directed to.

Possible values:
to=site (Default) Send directly to the website the mark is located on, via private messaging if possible, or in the comment section of the affected work, or in any comment field related to the right-holder.
to=mailto:[email_address@example.com]

Send an email to the email address.

Only one email address is allowed.

Note: the email should contain an explanation of why the email was sent and where the mark was found, as well as provide a way to un-subscribe within one click, overriding the mark. This is because there is no verification that the email address belongs to the person who placed the mark.

to=mailto_obfuscated:[rznvy_nqqerff@rknzcyr.pbz]

Send an email to the obfuscated email address.

The obfuscation algorithm is ROT13.

This is useful if the author does not want spammers to easily get hold of their email address with unsophisticated crawlers.

to=mailto_encrypted:[ZW5jcnlwdGVkX2RhdGE=]

Send an email to the encrypted email address.

The encryption and encoding algorithm is defined by the vendor.

This is useful if the author wishes to keep their email address private.

ack=

Acknowledge content distributors, optional

Informs the reader which accounts on the Internet the right-holder has granted permission to distribute their content.

Possible values:
ack=none (Default) All detected infringements should be sent.
ack=[domain_name]:[unique_user_handle](, ...)

Do not send detected infringements found under user of [domain_name] identified by name [unique_user_handle].

May contain multiple accounts. Domain names must be lower-case and valid domain names, user handle is case-sensitive and must be unique for the service provided by [domain_name] and must not contain characters unsuitable for the URL.

Note: to achieve the effect of ack=all, use allow=none instead.

v=

Version number, optional

Informs the reader which version of the CAIN specification the mark adheres to.

Default value is v=1.

For this version of the specification, the value is v=1.

For derivative versions of this standard, the value should be v=[version_number]-[derivative_identifier].