Sauce for the Gander: Aimster Uses DMCA to Its Advantage

jij writes "Have you seen this? File-trading network Aimster is using an unusual shield to protect its users from snooping: copyright law sponsored by the recording industry. Wired has the story." This is a cute hack, but I really wonder how well it will stand up in court. One of the basic concepts in law is the idea of "unclean hands", where a party may not get relief when they too are breaking the law. In theory, this should prevent the music industry from being able to successfully sue Aimster. But in practice, judges are going to want to rule for the noble music industry against the evil music pirates.

DMCA finally hitting the public conciousness

[wunderhorn1]

The syndicated comic strip The Boondocks has been satirizing the DMCA yesterday and today .

Check them out, they're hilarious. As an added bonus, the past two weeks' editions have been refering to Napster.

Confusing...

[NecroPuppy]

As noble Slashdotters, we're supposed to hate AOL, and love Napster, so what are we supposed to do in this case?

Tho, I do have to agree... Lovely hack... :)

A question for lawyers

[OlympicSponsor]

Here's what I was about to post: "It doesn't matter how judges want to rule, if the evidence was gathered in opposition to law (DMCA) than you can't even say that Aimster has unclean hands." But then it occurred to me, if it was the RIAA itself that gathered the evidence (instead of the police) does the Fourth Amendment apply? Or, for that matter, does DMCA apply to Fourth Amendment?

That is, does the fact that the DMCA makes "breaking protection schemes" illegal force the police into a position (via the Fourth Amendment) where they can't access, say, my hard drive? And if so, does it place the RIAA in the same position or are they exempt by not being a law enforcement agency?
--
Non-meta-modded "Overrated" mods are killing Slashdot

Lawyer: I'm skeptical

[hawk]

I am a lawyer, but this is not legal advice. If you need legal advice, contact an attorney licensed in your jurisdiction.

The Fourth Amendment only applies to governmental action. Any law must give way to the 4th or any othe rpart of the constitution.

However, when a private party acts illegally, it is likely to be "estopped" from using evidence gathered in this matter. However, estoppel is a doctrine from equity, not law, and the party seeking to use an equitable doctrine must come forwared with "clean hands"

So why am I skeptical? Very simply, the purported license terms apear to be a sham from the beginning. There appears to be not only no legitimate use, but no use at all for the service under its license terms. You are allowed to download a file, but not open it afterwards. In other words, its useless.

If it's true that David Boies was involved, there may be something that wasn't reported that would make a difference: he's too smart and too good an attorney to have been involved with this the way it was reported (OK, some of his arguments on behalf of the Gore campaign were silly at best, but he's still very good. And when your case is a lost cause from the start, a good attorney grabs for every glimmer of hope).

From what has been reported, it would seem to me that there's a good chance that the license is modified by the clear intent of the authors (as is the case where projects are accused of violating their own GPL license) so that opening the files *is* allowed. At that point, I don't see where aimster has gotten anywhere.

hawk, esq.

Re:Lawyer: I'm skeptical

[TheCarp]

> So why am I skeptical? Very simply, the
> purported license terms apear to be a sham from
> the beginning. There appears to be not only no
> legitimate use, but no use at all for the
> service under its license terms. You are allowed
> to download a file, but not open it afterwards.
> In other words, its useless.

Well IANAL but I am a Sysadmin and have worked customer support. So while I may not be an expert on the law, I am an expert on spotting the actions of a person who is operating an an area where they are incompetent.

This seems like one. Namely that the aimster people don't know law, and are trying to use what they do know (programming, logic) to find a way to sneak around the law and cover their asses.

Regardless of what the license says, its a peer to peer general file sharing protocol. In fact, its a "closed" one that lets you choose which peers to share with.

This has more REAL uses than I can imagine. I don't know how often I, or a friend, will do something (be it one friend scanning in a picture he drew, or another who wants to show me a config file etc etc) where something like this would be GREAT!

I run my own domain with a machine sitting off a DSL line, and am paranoid about security (or try to be). So I wont run ftp because its inherintly insecure. Alot of people wont use scp. And my AIM client (everybuddy) refuses to do file transfers.

If I want to share a file, I make a "secret" directory and put it on my webserver (no, not usually the carpanet.net one - I am a sysadmin afterall, I have many servers), but not everyone can do that.

All in all, they are providing a worthwhile service, allowing people to securely share files. Better than napster really, since napster was designed for promiscuous anonymous mp3 sharing SPECIFICALLY.

I think this is on better footing both from a useability standpoint, a bandwidth standpoint (don't get me started about the dorm network and napster - students downloading isn't why we blocked it at the boarder router until we could institute a bandwith cap) and from a legal one... since its really a very general utility.

If one wanted to compare p2p file sharing protocols to "tools" napster would be like a lockpick (nothing evil about them, they are useful for people who arn't "theives" but - not very general)....this is more like a hammer, or a crow bar. Lots and lots of general uses.

-Steve

Re:Sure...

[nlvp]

Their claims of legality are dubious, at best.

What you mean is that it's dubious that their system will be used for legal purposes - what they're doing is no more illegal than enabling a corporate network unless their model is dependent upon pirating music in the same way as Napster does.

This is really smart for quite a few reasons, I can think of 2 that are so cool they give me goosebumps.

The first thing is that they're making the point, implicitly, but quite clearly, that the DMCA was a law passed to serve a certain group of people rather than the people as a whole - and now that they've used its provisions to protect themselves, the law has to either take the bullet, accept that it's there to serve the interests of the RIAA and cohorts, or feign ignorance and let this happen.

Secondly, for this to be illegal, it has to be proven that it is being used to copy music/films/copyrighted information. This cannot be done without someone finding out about the content being transferred - and this cannot be broken without invalidating the case against DeCSS.

It's an interesting cross-over of the DeCSS case with the Napster case, and it uses the law very intelligently to say that if these provisions can protect one party, they can protect all parties.

But let's not lose sight of the ball here - although the DMCA is bad and the case against DeCSS should rot and die, the case against Napster still provides a conundrum - sales of singles are down something like 10% in a strengthening economy, which begs the question, "was it Napster?" (my personal opinion : Yes it was). If there is a problem there, and sales are being reduced because people are pirating records - then there's still something illegal going on, and just because it's illegal to get around our obfuscation because we've been smart doesn't make us any better than the MPAA using the DMCA to crush DeCSS.

All we've really done is said: "Look, the DMCA allows us to prevent you from proving that people are breaking the law", and that's a really good point proving that the DMCA goes much too far. It doesn't make obtaining songs without paying for them any more legal than before, and that's got nothing to do with the DMCA.

Re:Yeah right...

[f5426]

> I think they may be secretly hoping it doesn't stand up in court, because in order to be struck down, RIAA has to show just how poor a law the DMCA really is and start the ball rolling on repealing the law

I don't get it. They will just add something like 'DCMA-is-for-consumers,-not-for-RIAA'. Of course 'DCMA-is-for-consumers,-not-for-RIAA' will be written 'in-case-of-file-swapping, a law enforcment agency can be asked by plaintiff to ask for a descryption key. Plaintiff can then monitor traffic for a limited time'. Of course, 'in-case-of-file-swapping' will be written 'in case of suspicion of repeated copyright violation'...

I'm sorry, but I have yet to see a case where a clever-or-not-so-clever hack can destroy a money-bought law. The law will just become more and more fascist, ("Dear congress, those evil bastard are trying everything to break our beloved DMCA. Could-you add something about death penalty for anyone making a digital copy of anything ? Thanks in advance. PS: Feel free to use the enclosed blank check.)

Cheers,

--fred

Clarification

[SnowDog_2112]

After reading the Wired story, I still had some confusion, so I went to aimster's site and read the new TOS.

Basically, the new TOS has two big clauses:

1. The network is encrypted and private, and by the DCMA you can't break that encryption.

2. The whole goal of AIMSTER is to distribute to yourself files you already own, or to collaborate with a known group of individuals on files you own and can legally share with them (i.e. a text document you are editing together).

You also agree not to copy files out of your aimster folders into other folders, unless those folders are also shared on aimster. And (here's the key) you agree not to open a file in any aimster folder unless you know for sure it's legally yours to open.

I think what they've effectively done is say "Look, there's a legit market for distributed storage of files. We've done our best to make sure it's used legally. If you think someone is using this service illegally, pursue them, don't pursue us." They've also made it non-trivial to gather evidence to show the service is being used illegally.

I think it's fairly clever. I'm trying to find a way in which they're breaking a law, and I can't. Of, course, IANAL :). But I don't see how this is different than:

- Using an encryption program to encrypt some files
- Placing those files on your machine in a shared folder, which is password protected
- Using a service like AIM/ICQ to tell your buddies about the password-protected share, including the password and directions on how to decrypt.

Who can you sue in the above scenario? Only the end user is breaking the law, if any law is being broken. I think aimster is just wrapping all 3 of those things into one convenient package.

Good job, guys.

Re:Yeah right...

[jandrese]

I think they may be secretly hoping it doesn't stand up in court, because in order to be struck down, RIAA has to show just how poor a law the DMCA really is and start the ball rolling on repealing the law. The loss of yet another peer file sharing system is not a big deal, the loss of the DMCA on the other hand would be a huge weight off of the shoulders of reverse engineers and compatilbity experts everywhere (many of which work with free software).

Down that path lies madness. On the other hand, the road to hell is paved with melting snowballs.