The 3am call from a Japanese rightsholder
Last quarter a Japanese label sent a takedown notice for fourteen music videos we'd been aggregating across our trending feeds. Standard request — except the email landed at 03:14 JST and the legal contact wanted to know not just that we'd removed the videos, but who had hidden them previously, when they'd been re-enabled, which moderator approved the rehab, and what reason was attached to each transition. Our audit log at the time was a single moderation_log row per video with a last_action column and a timestamp. It told the rightsholder almost nothing.
That morning TopVideoHub shipped the first version of an event-sourced moderation log. Six months in, it has paid for itself four times over — DMCA responses, KCC inquiries from Korea, an internal investigation about a moderator who was force-hiding K-pop clips, and a rollback after we shipped a bad auto-moderation rule. The pattern is well known in finance and banking and curiously underused in content platforms. This post is the version I wish someone had written for me before that Tokyo email arrived.
Stack context, since it matters for what follows: PHP 8.4 on LiteSpeed, SQLite as the only persistent store (with FTS5 + the unicode61 tokenizer for CJK search), Cloudflare in front. Single-region origin, multi-region trending ingestion across nine APAC markets. No Kafka, no Postgres, no separate audit service.







