Slashdot Mirror
Meet the DoJ's 'Anti-Piracy' Lawyers
Answering your questions will be the attorneys assigned to prosecute intellectual property crimes in the Department of Justice's Computer Crime and Intellectual Property Section (CCIPS). Spearheading this group will be Michael O'Leary, Deputy Chief for Intellectual Property who oversees the day-to-day intellectual property enforcement operations. Here is some background on CCIPS and their intellectual property efforts:CCIPS began as a small group within DOJ in 1991, with a focus on network crimes (e.g. hacking into machines, destructive worms and viruses, denial of service attacks), intellectual property crimes (e.g. software piracy and counterfeiting), and electronic evidence issues. CCIPS is part of the Criminal Division of DOJ (which, as its name suggests, is primarily responsible for enforcement of federal criminal laws). Today, the section has grown to almost 40 lawyers, of whom about a dozen focus on IP issues. (Please keep in mind that it will be the IP prosecutors answering questions here, so save your non-IP-related hacking or electronic evidence issues for another time.)
What do the attorneys assigned to IP at CCIPS do? The IP prosecutors in the Section are responsible for establishing and enforcing the Department's overall intellectual property rights enforcement program, including the prosecution of federal intellectual property crimes. In some instances, CCIPS handles the prosecution of intellectual property cases. More frequently they work closely with prosecutors in the U.S. Attorneys' Offices around the country who handle the vast majority of federal criminal prosecutions, both IP and non-IP. They also provide training on IP issues for prosecutors and law enforcement, both domestically and internationally. Other responsibilities include reviewing new policy proposals, legislation, or international agreements related to IP, and providing advice to other government agencies or components of DOJ. The prosecutors also work closely with foreign law enforcement counterparts to coordinate IP enforcement activities around the globe.
While they are committed to fully answering your questions, as Department of Justice attorneys, they are subject to various Federal laws, Department of Justice rules, and ethics rules. They are not permitted to provide legal advice to individual private citizens. This means that there is no attorney-client relationship between CCIPS and Slashdot readers, users, or moderators (and answering questions on Slashdot should not be interpreted as creating one). Therefore, they will not answer questions seeking legal advice. Finally, they cannot discuss ongoing cases, investigations or related hypotheticals.
To learn more about the Department of Justice or the Computer Crime and Intellectual Property Section, visit the following web sites, www.usdoj.gov and www.cybercrime.gov.
What is your definition of the term "Fair Use" in regard to any software or music we buy?
"Some fight for law. Some fight for justice. What will you fight for? One day, you will see."
I am aware that companies spend large sums of money on holograms, authenticity cards, product activation schemes, anti-CD-copying schemes, serial numbers and so on. When investigating alleged copyright infringement, do you find that these anti-IP-infringement techniques have a real effect on preventing such things from happenning? Does copyright infringement go down when companies put up roadblocks like these or do the infringers get away with it nontheless?
Can you summarize the public good performed by your efforts that a taxpayer, who is neither a stockholder nor employee of the content industry, can realize and should support as a necessary function of the federal government?
Question I usually like to see answered by anyone:
What is the one thing that people usually don't understand about you or what you do that you wish they did?
If we are unhappy with some related current legislation, what is the most effective means for us constituents to work on changing these laws? Is writing our congressmen the only/most effective way or is there something else we can do to have our opinions heard?
I'm curious about the criminal definition of IP Theft and Infringement. It has always been my stance that such items, within reason, should be a matter settled in a civil suit. It is extremely difficult to deprive a party of intellectual property, unlike tangible property. With this in mind, I don't feel there is truly a need for an IP Theft/Infringmenet branch in the Department of Justice.
On to the actual question: Wouldn't the vast majority of cases be handled with the correlated "hacking" or other forms of breaking and entering to steal the property in question, without actually devoting the resources for what is largely a civil matter between individuals or companies? I'm guessing my stance on this comes from a misunderstanding as to what it takes for the government to actually get involved in IP theft/infringement.
Also, I understand that while some companies and individuals do not have the resources to fight IP theft/infringment in court, it seems programs could be setup to assist them. It still seems a large pool of legal resources for what should be a civil matter.
Dacels Jewelers can't be trusted.
Do you see a distinction between (what I would consider) a true "pirate" -- one who copies and distributes, for profit, intellectual property -- versus a file sharer?
"The market alone cannot provide sufficient constraints on corporation's penchant to cause harm." -- Joel Bakan
A lot of noise has been made (in the techie world, at least) about the desire of several copyright holders to enforce anti-piracy laws by taking matters into their own hands; music companies deleting music files off of privately-owned computers, movie studios doing the same thing with movie files, etc. For the moment, this sort of thing is not legal.
My question is: As a lawyer, how do you view bills that aim to legalize this sort of activity? When it comes to "making it legal", is there a connection between letting the RIAA perform 'hacks' that would be illegal for private citizens, and allowing pot to be smoked only by those who have a prescription, or only law-enforcement officers to obtain concealed weapon permits? Is there a danger of reaching a point where we go from "The movie studios can shut down your website if they think you're letting people download movies" to "If you think the neighbor stole your mailbox, you can break into his house to get it back"?
I hear the term "Fair Use" bandied about all the time in these discussions. From a legal standpoint, does it exist? Do I have a right, that will stand up in a court of law, to make a copy of software/music/data for my own personal use?
If I do, does making an "uncopy-able" product violate that right?
There are 01 kinds of cars in the world. The General Lee, and everything else.
I'm trying to figure out at what point do you differentiate between "fair use" and "piracy". At what point does "fair use" stop and "piracy" begin? Would letting an immeadiate relative or direct friend make use of a software package be considerered "fair use"? Can you provide an example of what would be considered "fair use" that would contradict the licensing terms of an EULA?
It's easy to find cases where people get light sentences for crimes that, at least to me, seem much more damaging to society than a few swapped files. How do you justify asking for billions of dollars of so-called damages or years of jail time when people who shoplift some CDs receive little if any punishment?
Here is a question I have been dying to ask for a long time, but never
got a chance until now for which I thank you and slashdot.
As we all know, laws cannot be defined like scientific formulas, but rather
have to evolve to suit the needs of the society and to adhere to the spirit
of what the founding fathers intended.
My question is this. When you persue, and prosecute intellectual property
cases (esp. related to music industry) what sort of guidelines do you use
here to differentiate between fair use of listeners and property rights of
conglomerates ? Do you follow all cases int he same way ? Are there
references made to the text by the founding fathers and their ideas regarding
balancing soceities need for creativity and owners(not necessarily creaters) need
for profits ? I would like to know what goes on in the closed rooms where decisions
need to be made regarding allocating tax-payers resources to persue cases where
it may not always be clear where the fair line needs to be drawn. Do you ever
get the feeling that not making a good judgement over long period can lead to civil
unrest in digital domain, as has happened before?
Are there times that you personally feel that enforcing a law to its word is unfair
but have to nevertheless enforce it to adhere to the letter ?
What do you think is the future of some of the current IP laws and future proposals
from a law enforcement perspective ? Do you forsee any major obstacles for enforcement of
some of the stricter digital rights laws that are on the table ?
Thanks again,
Too Bad.
DO NOT PANIC
do you have any special metrics or do you just use the claims presented by plaintiffs? if you have metrics of your own, how were they calculated?
...vividly encapsulates that post-Watergate/pre-punk/coked-up moment when you could trust no one, least of all yourself.
Is there any sense as to the actual guidance of the cryptography export laws? As an American citizen living in the Netherlands, I've been faced with a lot of problems, especially in this area. For instance, I'm legally unable to get source code for projects such as Kerberos (although it's been possible "through other people." I don't get the feeling people take this very seriously, and was wondering what you guys thought.
How do you wish to punish cyber criminals coming from other countries? For instance, if a Dutch hacker cracks a US corporate server (ignoring US/Dutch relations for a bit), would it be possible to prosecute this person? Are there UN regulations for computer "terrorism" (as I'm sure Bush would have it called, ehehe :)
What are your perspective's of Microsoft's Palladium technology and it's legalitites?
How often do internet security cases get tried?
I'm sure I could go on with tons more, but I think this is probably enough.
Kind regards, Devon H. O'Dell
Is a distinction made between different levels of IP infringement?
I imagine that, from a legal standpoint, there should be a different point of view between a student that copies one software for personal use and a blatant thief who makes money out of selling the same copied software.
However, this question has two assumptions:
- The student would not use the software if it was not available (i.e. it is not a lost sale)
- Both activities are infringing (i.e. this question is not seeking to justify the first case)
I think this question is especially relevant since there are reports that the RIAA is now prosecuting students for "infringements" that are mostly gray areas (i.e. the infringement does not seem proven beyond a reasonable doubt, at least to the public).
The ENIAC Demo Competition
As a Canadian I am curious as to the co-operation you receive (if any) from agencies outside the US? Specifically Canada but also internationally in general.
mitd -- Made in the Dark
"One good thing about spam... You don't gotta answer it"
Given that from a legal standpoint (and, many would argue, an ethical one) there is a distinction between "copyright infringement"/IP violation and "theft", what views do you have on the regular and incorrect/misleading application of the latter term by such people as the RIAA and law enforcement? Such misuse of language seems disingenuous, and taints the arguments of those who might otherwise have valid points to make about the morality of misuse of intellectual property rights.
It seems that if there are ethical arguments against piracy and other forms of copyright misuse, those arguments can and should be made on their own merits without the introduction of psychological wordplay apparently designed to confuse the public and cloud the debate. Accordingly, what steps are being taken to clarify the correct terminology and to avoid jingoistic use of words like 'theft', 'thieves' and 'stealing' amongst law enforcement and elsewhere?
Why is the government so willing to bend over backwards to help copyright holders, yet it does seemingly little to protect individual fair use rights?
As it stands, if I were to break the copy-protection scheme on a CD to make a backup of it for personal use, I would be in breach of the DMCA, even if I had no intention of making an illegal copy of it. Piracy is already illegal, those who commit it are going to do it anyway - this law simply makes criminals of ordinary people.
-- Even if a god did exist, why the fsck should I worship it?
Obviously, you have law degrees, but what other degrees or field expertise do you have (such as computer science backgrounds, library degrees, etc.)? Obviously, not everyone is going to understand every single patent out there, but do you handle cases exclusively by what's on paper, relying on the claims of industry experts, or do you provide your own understanding of at least some of the key fields?
----------
Something cleverWhat is the DOJ's position about damages companies claim for copyright infringement? Are they taken as-is, or does somebody verify claims?
For example, say Joan Filetrader has a Metallica MP3 in her shared directory and is eventually prosecuted for copyright violation. It seems like it is standard practice for Metallica's copyright holders to do math like "Well the connection was up for 1 month, and her bandwidth is 8Mb/s, that means that she could have transferred 2,500,000 MB that month, and since the MP3 is 5MB she cost us $10,000,000 in sales."
Does the DOJ review that math and do things like verify what the likely impact on the company's bottom line was?
What type of legal training do investigators have?
/ephraim
I'm asking this as a techie who is considering attending law school. What coursework has been helpful to your jobs? What types of internships or other jobs have prepared you for your work? How many of you worked with technology as a programmer/sysadmin/etc. before going into law and/or law enforcement? Any other advice for a techie interested in IP technology law?
Why. Does. the Department of JUSTICE have a stable of lawyers to enforce copyright when that is a <blink> CIVIL </blink> matter?!!!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
How strong is the "lost sales" argument that copyright holders usually make when prosecuting "not-for-profit" copyright infringement? Especially when the product is not tangible (software and music, not CDs)?
Although it is often mediatic, any student of accounting will immediately recognize that the number is merely an estimate of available infringing copies, further inflated by the assumption that every copy would have been bought. Both can be easily altered to craft an alarming number.
(Disclaimer: this question is not seeking to invalidate these numbers, but seeking to know how strongly they are considered from a legal standpoint).
The ENIAC Demo Competition
How do you feel about the anti-circumvention provisions in the DMCA, specifically how they apply to non-copyrighted or public domain materials. It seems to me that this clause has granted corporations an unlimited copyright on any material they publish. This is not only unfair to the consumer, but unconstitutional. IANAL, but you are, so what is your opinion?
Visualize the world of wine
We often hear that software piracy costs X amount of dollars or music piract costs Y dollars every year. How are those numbers arrived at?
For example, let's say Pete Pirate grabs a copy of Microsoft Office and the latest Brittany Spears album from some site.
Microsoft has a list price of $499 for a full version of Microsoft Office XP Professional. But no one in the history of computing has ever paid full retail price for any copy of office. warehouse.com, about as mainstream as you can get sells it for $65 dollars less. You can get it for much less if you shop around or purchase it as part of an OEM deal.
Similarly, Brittany Spears's latest cd has a list price of $19. No one pays that either.
So did Pete pirate $520 worth of product or $447? That's about a 14% increase in damages.
And what's to stop a company from artificially inflating the MSRP of a product in order to inflate the damages?
A frequent gripe with the geeks here at slashdot, myself included, is that apparently legislators are not sufficiently well informed to create IP laws, frequently proposing and enacting laws which either constrain individual rights in favor of protecting those of big corporations (like the DMCA), or are simply not effective, because they can never patch the frequently referred to "analog hole" which is always a required step for humans to get to the information.
Given that for ethical reasons, you may not give your honest opinion on said legislation since you are required to enforce them, I'd simply like to know if I can trust that you are sufficiently well-informed to give council on these ever emerging new IP legislations. Do you feel that you truly have sufficient technical experience as opposed to your obvious legal ones? Can you elaborate on what type of experience you feel helps to qualify you to truly understand the ramification of these legislations?
Warning: Opinions known to be heavily biased.
In some cases this decision is clear cut: the largest and costliest criminals should be dealt with first. But in a lot of cases on your Cybercrime page (notably, some of the targets in Operation Decrypt) you chose to prosecute a few of the "small fry." The same dragnet that netted convictions for a $14 million offender also snared a few guys who only caused losses of $7000. Interestingly, among the latter persons were some of the most skilled embedded security experts alive today.
So, how often do you target offenders based on pressure from the crime victim, high visibility, high (criminal) intelligence, or other factors not directly related to the crime? And who, besides the prosecutor's office, weighs in (indirectly or directly) on these decisions?
Here in Britain, we recently shut down the governemental body that regulated our train services because they were tending to take the side of the small number of contact personnel at the train companies that they dealt with on a day to day basis rather than the side of the faceless multitiude of passengers who they only knew through a few angry mails.
Given that your department will (in the vast majority on cases) be working on behalf of a very very small number of copyright-holding organisations against potentially millions of nearly anonymous file sharers, how will you prevent this 'going native' phenomenon biasing your investigations in favour of people you having a close working relationship with, and how will you defend yourselves against the inevitable accusations that you have 'gone native' and are a 'private police force' for the copyright holders?
A pizza of radius z and thickness a has a volume of pi z z a
What is your opinion on the case of Daniel Peng? The internet at large is angry at the treatment of Peng by the courts - many consider sites like the one Peng created to be "common carriers" - that is, all Peng's site did was list the files other users had chosen to put on the academic network to be freely downloaded. Was it his responsibility to ensure that all the files listed on the academic network (which, unlike Napster, was a network he did not operate or design) were legitamate? While he may have been personally involved in pirating files (that is, he may have personally downloaded files to his computer) that was not the focus of the lawsuit. Peng was placed into a legal battle where he had no chance at victory, and as such had to settle out of court. What is your opinion on this case, and ones like it?
How seriously do you take a question from someone named "stinky wizzleteats"?
Your credit card information wants to be free.
Please characterize the types of criminals that you go after. Mostly warez rings? Businesses that don't license all their software? College kids with FTP sites?
I'm sure it's impossible for a group of 40 people to round up every IP criminal. How do you ensure that you aren't ignoring a piece of the pie?
There are no trails. There are no trees out here.
I think one thing that people struggle with is understanding what is actually legal to do with the media they purchase. I'm not talking about ethics, but the actual letter of the law about what I am allowed to do. So to simplify, what's legal or illegal about the following cases:
1) Copying a CD to tape to listen to in my car
2) Ripping a CD to listen to on my computer at work
3) Loaning a CD to a friend
4) Ripping a copy of a CD and giving those files to a friend
5) Ripping a copy of a CD and putting those files on Kazaa
6) Selling copies of the CD
Related to this, how does the volume of these activities influence them? Is it legal to make one copy of a CD for one friend? What if it's for 100 friends? or 500 friends? We can talk endlessly about the spirit of the law and the ethics of it, but the letter of the law is critically important here.
This sig has been temporarily disconnected or is no longer in service
If DRM-included hardware does become the law via the CBDTPA (SSSCA) or any other legislation, how does this interact with regards to copyright expiration? The DMCA makes it illegal to circumvent such DRM, thereby basically enforcing perpetual protection of the work. If the work is perpetually protected via this combination of law and technology, how can it be copyrighted legitimately, since the work will never *really* be able to join the public domain? This is analogous to trade secrets vs. patents, unless measures are taken to ensure the DRM encryption is removed once the copyright term is over. Or would that be illegal through the DMCA as well? The DMCA states, "No person shall circumvent a technological measure that effectively controls access to a work protected under this title." The title referred to is title 17 of the US Code, which covers copyright. I can therefore assume that removing copyright protections on expired copyrights would not be against the law. However, the DMCA also forbids the selling of tools to circumvent the very same DRM. I find it hard to believe that the RIAA/MPAA would let these tools become available regardless of the user's intent and/or rights under copyright expiration rules. Any comments about this apparent paradox?
Slashdot needs to interview Natalie Portman.
The world's full of kids of all ages who like to take things apart to see how they work, and engineers who need to find out how things work. There are some open questions about how current law affects them.
What are the department's policies and guidelines about whether an instance of reverse engineering violates intellectual property rights? Would the department consider criminal action against someone who reverse engineered a product if the click-through license said not to?
What factors would the department consider if trying to decide whether a security researcher's work was legitimate?
Does the department recognize a public interest in publicizing flaws in commercial software, even if it involves extracing proprietary information?
Finally, from your personal perspective as believers in the rule of law, what are the top two or three changes you see as necessary in US IP law?
I'm disturbed by the way large conglomerates determine and demand damages based upon projected profits should a product's IP have not been violated and piracy had not occurred.
It's a somewhat flawed argument to claim that $5,000,000 worth of software was confiscated in a piracy raid when off the shelf, at the point of purchase, the software would only have had a $2,000 street value (I'm referring to how much the pirates price the products).
Basic economic theory would point out to you that the lower the cost of ownership, the greater the demand for that product. Even if the retail value of a shop's pirated products had been worth millions, I can't imagine how they would have been able to sell these products that the prices they were pegging it at.
Although piracy is wrong per se, how much in lost profits should a company be allowed to attribute to piracy? I think cases where students from universities are hauled up for file sharing and the penalties imposed on them are totally absurd although the crime is similar (piracy) but the damage, obviously can't possibly be so high.
How does the law make sense of this? How far should IP be protected and would we ever see an end to some of the whimsical claims made by IP owners?
What did you learn about your interpretation of DMCA from the acquittal in the Sklyarov / Elcomsoft prosecution?
When the movie studios advertise DVDs, the advertisement always says "Buy it today!" (or "By it [insert-time-frame-here]") or "Your last chance to own [insert-title-here]!".
Yet the movie studios insist that we have not purchased the content, but merely licensed it. It seems that the studios are trying to have their cake and eat it too. Isn't this be a clear-cut case of false advertising? If so, why isn't the FTC cracking down on this?
The only reason we have the rights we have is that people just like us died to gain those rights. -- Cheerio Boy
If a person owns a vinyl record, would downloading (via peer-to-peer filesharing networks) the exact same recording and performance in a digital format be considered "fair use" or would it, instead, be a violation of copyright laws?
... I find it extremely hard to believe that your division truthfully represents the "people" of this country. It seems that your job is to help mega-corporations make "examples" out of college students and others who are too poor to defend themselves.
Yes, sharing copyrighted music and films is a crime. However, I see no justification for the insane penalties associated with file sharing and priacy. It seems that companies can make up some absurd figure in the billions, claiming it to be actual damages, without any sort of proof they have really lost that much at all from file sharing.
Can you please enlighten me as to why software and media "pirates" as well as other "computer criminals" are in many cases treated worse than violent criminals who use weapons and rapists?
"You spoony bard!" -Tellah
In copyright law, 17 USC Section 512(c)(3)(vi) states that all notifications of copyright violations sent to ISPs must contain
(emphasis mine).Do you know of any cases in which the sender of an invalid takedown notice -- such as the RIAA claiming Penn State University Emeritus Professor Peter Usher's lecture on radio-selected quasars was, in fact, an mp3 from the musician Usher -- has been successfully charged with perjury? Or do you allow copyright holders some "fudge factor" with the perjury aspect, since
If copyright holders are allowed leeway, can we expect to see similarly loose definitions of perjury creep into the legal system? If the police are looking for a "Caucasian male, age 50-60, bald, 200-225 pounds," can I testify in a court of law that the 18 year-old caucasian male with a ponytail, weighing 140-150 pounds, is in fact the suspect since he is, after all, a caucasian male?
I realize that's more than one question and that they're slightly loaded, but I'd appreciate any comments on how seriously the DoJ takes the perjury clause of the takedown notices.
Thank you.
-jdm