Verifying duplicate works

When requested by our clients, we may supply a copy of materials they have deposited with us to be presented as evidence. What we supply represents a true and accurate copy of the files that they have lodged with us on the submission date(s) stated on the registration certificate and accompanying schedule.

If you are involved in the arbitration of a copyright ownership dispute (or similar) and have been supplied with a duplicate work and have any doubt at all about its authenticity, there are a couple of steps you can take to verify what you have been given is a true, accurate and unaltered copy.

How we supply duplicate work

A duplicate work may be supplied on media such as a CD, DVD, USB drive, or as a downloadable zip file.

Either way, the data contained will consist of a top level folder (the name of the folder will be the registration number of the work), and beneath that will be one dated folder containing the files that were submitted to us on that date, a PDF copy of the certificate & schedule and any covering letter/correspondence, a manifest file and its signature file, and (optionally) if the client has submitted updated versions these will be contained in their individually dated folders. Folder dates are in ISO 8601 format (YYYY-MM-DD).

For example:

  • 123456789

    • Registration certificate & schedule

    • Covering letter and declaration

    • 2021-01-17
      (files for initial deposit made 17      th January 2021)

    • 2022-10-01-update_001
      (new/altered files submitted as an update on 1      st October 2022)
      (there may be several update folders – or none)

    • 123456789-manifest.lst
      (manifest containing hashes for all files)

    • 123456789-manifest.sig
      (digital signature used to verify that the manifest has not been altered)

The manifest format is one line per file, starting with an SHA512 hash and followed by the relative path of the file.

Steps to verify that the duplicate work is true and accurate:

  1. Verify that the manifest has not been altered.

    To do this, go to the verification page (https://copyrightwitness.com/services/workverification) and upload the signature and manifest files.
    If either the signature or the manifest file has been altered in any way since we supplied it, the verification will fail.
    Passing verification means that the manifest is exactly as we supplied it and that its contents can be trusted.

  2. Verify that the files listed in the manifest match the files in the duplicate work folders.

    Generate a SHA512 hash of any file you wish to check and compare with the hash stated in the manifest. Instructions on how to do this can be found at https://copyrightwitness.com/services/sha512-instructions

    If the file has been altered in any way, the hash will not match.

    If the hashes match, you can be certain that the content of the file has not been altered in any way.