Slashdot Mirror
Gentoo Package Accused of Violating DMCA
cshields2 writes "A recent post to the Gentoo mirrors mailing list passes along a DMCA violation claim that one of the mirror admins recieved. Supposively their bot saw the words "Pac" and "Man" in the filename INFMapPacks123FULL-MAN.zip and assumed it was an illegal copy of PAC-MAN. The file is actually for Unreal Tournament Infiltration. This is comical in one sense, but to be read by a hosting company who does not know any better can be frightening. Has anyone else ran into this with good (or even bad) outcomes?"
This is one of the major problems with the DMCA. By negating the need for a court order to be allowed to send these orders they have opened the door to thousands of frivolous and invalid claims. Companies that have made invalid claims such as this one should be punished. At least they should be held liable for any damages if an ISP removes contents that they claim are infringing. Are these letters totally automated? Didn't somebody actually try to download the file and see if it was indeed an unauthorized copy of pacman?
Also,
>Note: The information transmitted in this Notice is intended only for the >person or entity to which it is addressed and may contain confidential >and/or privileged material. Any review, reproduction, retransmission, >dissemination or other use of, or taking of any action in reliance upon, >this information by persons or entities other than the intended recipient >is prohibited.
What is this all about? They are trying to hide the fact that they are sending out these letters?
Visualize the world of wine
I think a good faith effort should involve a little more than lame pattern matching.
So if I've got a file called "HalfLifemappack.zip" on my server they are going to assume that I have an pirated version HL on my webspace/ISP?
What are the factors that decide if a file is really in violation of the DMCA? I can see lots of lameness coming from this type of system.
Simply replying to the letter/emaim they received, and providing a clear, simple-to-understand and short description of the file should be enough to clear any and all misunderstanding.
;-)
Don't turn anthills into mountains, people. I am sure even the dumber PHB can understand that this file has nothing to do with "Pac Man"... Ooops... There goes another DMCA violation!!
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
The bot is causing a false accusation. .. DO NOT USE IT. You cant go around automating an accusation lawsuit process if it doesnt even work properly.
You can't blame it on the program. If your bot is unreliable
21st century witch hunt is what this is.
At least in the 1600's they got the witches right. Somewhat.
What's next, automatic indictment by computer? "Sorry sir, the computer has ascertained that there is a 94% probability that you murdered your wife. The trial begins Wednesday."
This is a good reminder of why people should be supporting the EFF and FSF. This stuff is getting out of control. Copyright law was intended to prevent companies from taking advantage of one another. Not to prevent common and fair use, including sharing. And patent law was meant to encourage innovation, but it no longer does that. People invent stuff, and some company that owns the patents makes money. And people who want to use the idea but not charge for it should not be messed with.
Wake up...
-t
http://unmoldable.com W:"No one of consequence" I:"I must know" W:"Get used to disappointment"
Isn't there an old military saying that goes: "Never interrupt your opponent while he's making a mistake." I think this is the situation in which we find ourselves.
Ooooo, it checks FILE NAMES. And poorly too. That's a very simple text search if all it does is pattern match on that level...Like the profanity filters that will catch "Wish it" or "Cockpit". There is no WAY they are getting anything that even resembles useful information. If PAC and MAN are in the search criteria, I'm surprised they bothered to send out any letters at all.
First of all, that fricking PAC MAN is worthy of that kind of vigilant enforcement is mind boggling. And second that they're willing to poin the finger on so little evidence... I've played that infiltration mod for unreal. Even the most cursory check would show that it violated no copyrights and no IP laws, and, especially that it wasn't fricking PACMAN!
This kind of thing is good, because it shows very clearly the flaws and the flawed minds behind the DMCA.
Now, I'm off to put a bunch of files with misleading filenames up on my site.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Those are privacy-related restrictions which can only be invoked between real people, not by crude filename-grepping scripts dumping output to automatically-selected e-mail addresses.
And where does whoever wrote that varbage get off, saying that no one other than the intended recipient is allowed to act upon the information? What law backs that up?
The more ridiculously-researched "good faith" letters like this go out, the better defense people will have when they simply throw them in the trash.
I don't recall the specifics about how the DMCA requires ISPs to investigate / respond to this kind of crap, but I think any sane judge would agree that it wasn't Congress' intent to force ISPs to spend all sorts of manpower (and, thus, $$) investigating every stupid letter that comes forth.
So bring it on! We need MORE lawyers sending out MORE useless crap so that ISPs can be justified in ignoring all of them, even the ones that actually are well-researched.
(or something like that)
On the part of the company sending that letter out. The DMCA may allow them to do that, but I wonder if it shields them from liability for doing so improperly? Seems like you could sue them for defamation, all the pieces are there. They've accused you of being a software pirate, someone else has seen the accusation and you had to spend time (and money) answering the complaint. I'll admit my knowledge on defamation suits is lacking, maybe someone with more legal background could comment. The real meat is punitive damages and I'm not sure what a court would see in this. Reputations are fragile things and to have yours slandered by someone not exercising a reasonable and appropriate level of care (ie looking at the file name before sending the notice) seems pretty serious. I'd probably at least have my lawyer call them. That gets their attention.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
>Filesize: 161,212k
That's got to be the first time I hear of a 160MB version of PacMan - does it include detailed 3D schematics of the arcade machine as well?
Seriously though, don't they have some filters on identifying infringing files? Like say the latest game is >100MB, an arcade ROM/old game quite a bit less. Otherwise I'd imagine they are getting far too many false positives (they seem to be searching for SEGMENTS of a name - how many files out there do you think include pac and man or sim and city?).
Indeed, what they need to do is call their bluff. Ignore the letter, let them take you to court. Then laugh when they get their ass handed to them by the judge. If they terminate your internet connection under the DMCA, sue. It's about time this BS saw a judge. It can't be overruled until it's challenged.
Give me Classic Slashdot or give me death!
I think we should make sure as many package names as possible contain words that will get picked up by their bot.
That would generate vast amounts of noise for them (and for us, yes), and it would really highlight the madness.
.sigs are for post^Hers.
Set up a Spam-catcher that spots one of these claims, and bounces it back with the message:
You email has been rejected by an automated system, due to previous unjustified DMCA claims in the past all future claims are subject to a $150 an hour surcharge (minimum 10 hours) should there prove to be no infringement.
Please review your claim, and if you are still sufficently convinced that your claim is valid please resubmit your email with the text "I accept the terms and conditions for investigation of my DMCA claim"
Terms and conditions are subject to change without notice.
Would this be legal? It's certainly reasonable: the fee is only charged payable if there is no infringement. If the claimant is sufficiently convinced that they are being ripped off they should be happy to agree- they won't have to pay.
Invoice them for your time and effort. If they refuse to pay, send the invoice and their original "work order" to a collections agency.
There is nothing in the law indicating that you have to obey their orders for free. You just have to obey them to avoid a lawsuit.
Lets assume you're not trolling,
When you run a red light, there is direct evidence that you have done so.
Even after that, you then have the opportunity to go to court and fight that evidence, either with mitigating circumstances (the truck barrelling down on you from behind that pushed you into the intersection) or conflicting evidence (your car was being driven by a different person, because it was stolen or simply because you lent it to your fiance).
So while the evidence is gathered by camera and processed by computer, the decision is still in the hands of a human.
In this case, the DMCA allows a company to order you to Cease and Desist, and moreover, require your ISP to shut you down, without a human review. The only humans involved are the victims (you) and the ISP, who probably won't make trouble for themselves by resisting the C&D.
The Computer is Your Friend!
Trust the Computer.
I had some free time, so I wrote Mr. Hunter a letter regarding this matter.
The subject I used was "Re: Notice of Claimed Infringement"
I designed it to look like a legitimate response to one of these notices. If they receive enough of these protest letters, Mr. Hunter and others at ESA will get a taste of their own medicine
The text follows:
Dear Mr. Hunter,
I have read your notice of claimed infringement.
In your letter, you state "ESA hereby requests AT&T Worldnet Service to immediately remove or disable access to the Infringing Material at the URL address identified above."
The negligence of others is a foreseeable consequence in tort law. Should AT&T have granted your request, you might have been liable for any damages caused by that immediate removal of what you claim to be infringing material.
The file named "INFMapPacks123FULL-MAN.zip" obviously has nothing to do with Pac Man.
You would do well to review the threatening letters that you send out, rather than cavalierly trampling on the rights of others.
Regards,
INSERT-NAME-HERE
concerned citizen
If a human reviewed the file and genuinely thought it was infringing, THEN it would be good-faith. An automated tool that is allowed to generate a list that someone uses to mail "infringement" letters WITHOUT EVER REVIEWING THE FILES IN QUESTION qualifies as IRRESPONSIBLE, and harrassing. Are there provisions in the DMCA to sue for such irresponsible accusations? At the very least, submit an invoice for the cost of dealing with a BAD-FAITH accusation.
Someone should contact the ESA and tell them actions taken like this only serve to make people LESS likely to believe or even care about accusations of infringement since no effort appears to be made for accuracy.
. 62,400 repetitions make one truth -- Brave New World, Aldous Huxley
"...it would be pretty hard to prove it wasn't there."
and that's the problem with the DMCA and other laws like this. With a complex situation or structure you can't prove a negative. This is one of the fundamentals of science, in terms of hyoptheses becoming theories. If there is no way to test a hypothesis in such a way as to get a confirmed pass/fail test, then it's not a very good theory.
As for the 'encoding', read "Radio Free Ablemuth" by Philip K. Dick. It specifically addressed this kind of freakishness with coded messages. Or go see "A Beautiful Mind". Another example of why it's not feasible to go around accusing someone who can't prove a negative result. I feel that it should be criminal to accuse someone without having a verifiable positive first showing that they've actually done something wrong. Yeah, this puts the burden of proof on the accuser. Isn't that what the constitution says, with "Innocent until proven guilty"?
Not to give the media conglomerates any more work or anything...
Do not look into laser with remaining eye.
IANALawyer, but it seems to me the whole "good faith" thing is pivotal to these cases..
Now.. this is not the first time that an obviously erroneous letter of this type has been sent out. There was the whole OpenOffice/MsOffice cockup for a start.
My point is the senders of these letters (the ESA) are obviously aware that their system fires off erroneous letters from time to time.. therefore how can they claim to know IN GOOD FAITH that any given letter sent out by their system is accurate and valid?
Perhaps I could see them claiming good faith if the percentage of bad letters was really, really small, though even that is a moot point (given that you can only have good faith if you believe in the reliability of the system), but it seems this system is getting almost as many misses as hits. Does this give us any way to contest the good faith claim, and then use that to open the door to counterclaims, etc?
Curiosity was framed. Ignorance killed the cat.
Supposively their bot saw the words "Pac" and "Man" in the filename
What does Supposively mean?
eMelody Web Directory add your site today!
I've had a couple people email me, asking what IPs these connects came from so people could firewall off ESA. From what I've seen, each scan is from a different network, most likely random dialup ISPs (though somehow that could be a violation of the ISPs' AUPs).
s ftpd.banned_emails
However, for FTP traffic, I noticed a pattern: all used an anonymous FTP password of guest@nowhere.com. Almost all (relevant) google hits for that address were people talking about these automated mails, so it looks like this is what you should look out for. Also, I can't seem to find a legit FTP client that sends that password, so false positives shouldn't be a problem.
If you run vsftpd, you can put this in your vsftpd.conf:
deny_email_enable=YES
banned_email_file=/etc/v
and putting guest@nowhere.com in vsftpd.banned_emails.
OK, on my hard drive, I have a file called "Unreal.zip". It contains a short story called "Unreal". If someone wants to accuse me of having an illegal copy of the game "Unreal", then they'd have to unzip the file and look at it's contents, otherwise, they have no evidence what so ever. They have no more evidence than if they found a teddy bear in my house, with a label that said gun, and accused me of trying to distribute guns to children.
Labels (which are all filenames are) given to my files have no more or less meaning than I ascribe to them, they are merely mnemonic devices intended to make them easy for me to find. If, for some reason, naming a file "Michael Jackson" helps me find it, then so be it, but there is no "misrepresenting" going on.
There are no tiger attacks in my area and it's all because this rock I'm holding keeps the tigers away.
And this is why I suggested he consult a lawyer. My mention of my "credentials" (so to speak) was just a way of pointing out that I'm forming my opinion from an interest in the law (as opposed to watching "Judging Amy" religiously).
It doesn't make it a "legal opinion", but it may be a bit more educated than some others.
As for him letting it go (respond that it's not Pac Man and then otherwise ignore it). That is the easiest way to deal with this occurrence. The easiest way to deal with spam used to be to delete it.
Do you see the flow of spam decreasing?
So long as everyone lets these lawyers play it fast and loose, without fear of consequences, why should they ever exert the effort to ensure their claims have even a semblance of merit? They can just scattershot the net, being right 1 in 50 times, because just like spam, the expense of dealing with their 49 false claims falls upon the recipients.
These kinds of DMCA letters are getting more frequent, rather than less. So are the subpoenas. If you want to gradually get more and more of these, based on flimsier and flimsier evidence, go ahead and take the path of least resistance.
Otherwise, I believe that every time they're wrong, and they've brought their accusations to a third party (i.e. your ISP), they should be sued for defamation and any other charge you can throw in.
The best way to combat spam is to make it expensive for the spammers to send it.
- Greg
Start a happiness pandemic
Here's a step by step process to get rid of the DMCA
1. Setup organization to overturn DMCA.
2. Collect donations and line up legal council for the lawsuits (step 8).
3. Create honeypot of legal content for material likely to be served DMCA cease-and-desist toilet paper. For example, create ISO image called Microsoft_XP_review_copy which contains nothing but reviews of Microsoft XP generated by organization outlined in step 1. For extra points, make the ISO match byte size and CRC (if possible) of real Microsoft install disk. Make additional honeypots describing IP of BSA, RIAA and MPAA companies,
4. Register honeypot IP with Copyright office. This will increase leverage in court.
5. Put up webpages describing honeypot information.
6. Anonymously tip copyright holder of the IP the honeypot simulates.
7. Wait for DMCA cease-and-desist letter.
8. Dig in heels about Honeypot IP as much as legally possible. File civil suits. Lobby State and Federal AG's for criminal charges -- barratry, fraud and extortion come to mind. Pettition government for redress of grievances. Get your case tried in the court of public opinion as well as the State and Federal Judiciaries.
9. Repeat until DMCA is rule unconstitutional as it violates the following amendments:
1st (free speech, expression and press)
5th (due process)
6th (right to speedy and public trial by jury for criminal offenses)
7th (right to trial by jury for civil violations)
14th (due process AGAIN!)
Any suggestions on this? Improvements?
And then you should have a contextual bot that knows that it is duelling, not dualling...