Slashdot Mirror
Gentoo Package Accused of Violating DMCA
cshields2 writes "A recent post to the Gentoo mirrors mailing list passes along a DMCA violation claim that one of the mirror admins recieved. Supposively their bot saw the words "Pac" and "Man" in the filename INFMapPacks123FULL-MAN.zip and assumed it was an illegal copy of PAC-MAN. The file is actually for Unreal Tournament Infiltration. This is comical in one sense, but to be read by a hosting company who does not know any better can be frightening. Has anyone else ran into this with good (or even bad) outcomes?"
oddly, while he may not be violating copyright laws using gentoo, it looks as if he may be in trouble for posting the email he got!
... is prohibited." I wasn't the intended recipient, so i guess it's illegal for me to review it, or even reproduce it on my screen to be reviewed. ;-p
>Note: The information transmitted in this Notice is intended only for the
>person or entity to which it is addressed and may contain confidential
>and/or privileged material. Any review, reproduction, retransmission,
>dissemination or other use of, or taking of any action in reliance upon,
>this information by persons or entities other than the intended recipient
>is prohibited. If you received this in error, please contact the sender
>and delete the material from all computers.
"Any review, reproduction, retransmission,
http://kered.org
Isn't it possible to sue people who make false claims when issuing DMCA FUD letters?
If companies are you throwing out Cease and Desist letters at random by their bots.. How often do they ever actully follow up on them, or do they just send the letter in the hopes of scaring people off.
The Good Life
When spammers go really bad, a lot of us started generating fake email addresses so their bots would find them and get jammed up with crap.
I think its time the same thing happened with DMCA bots. If they are going to be snooping around everything, lets make A LOT of stuff for them to find! Imagine if all of us created web pages that appeared to hold copywrighted material, but don't. Even just a php or cgi page that generated links with *suspicious words* but nothing of interest. No actual person would use them, but the DMCA bots would see a jackpot. Then, when actual people followed up, they'd find absolutely nothing wrong. That would gum them up pretty badly.
So who wants to spearhead this?
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
ESA has a good faith belief that the Internet site found at {IPAddress} continues to infringe the rights of one or more ESA members by offering for download one or more unauthorized copies of one or more game products protected by copyright
"Sanctions: A form of financial 'punishment' where a Judge can order a party or attorney to pay for not following Court orders or not acting in good faith in a Court proceeding."
While it's all fun and games to laugh at this, what if AT&T had cut off his connection? What if that connection was vital to business?
I don't know how you go and get sanctions levied at organizations like this, but the ESA clearly violated good faith in this circumstance.
"The market alone cannot provide sufficient constraints on corporation's penchant to cause harm." -- Joel Bakan
Uh, what if the recipient wants to disseminate the information?
Why yes, I AM a rocket scientist!
and Desist letter citing the DMCA because we have a couple of large files
with the word "Junior" in their names. Junior-2.2-CD1.iso and
Junior-2.2-CD1.iso are in a directory called
which pretty much says that they are
Linux distributions in CD image to anyone vaguely clued.
But Vevendi (or
their funky infringement-seeking robot) thinks they might be the 1994
Arnold S bomb, Junior,
To respond to their completely bogus complaint, we have to grab the files
and install 'em and then report back. At our time and expense. I am not
full of love over this. It's their job to find a infringements -- not just
make a few guesses and then demand that we do the rest of the work for
them for free. Makes me wanna see a movie for free! (not Junior however).
Certified Black Helicopter Pilot *** Unwitting Dupe of One World Gov'ment
My brother and I run a online game called TFOS Mux (www.tfosmux.org). It's based on a roleplaying game by R Talasorian Games and we have permission.
Our game is set in the fictional city of Pebble Beach, in an undetermined state. We state on our web site that it is not affiliated with the original Pebble Beach Golf Course (which we learned about five years after we'd started playing), but jokingly make a comment about a mini golf course for wayward visitors.
In January we received a C&D letter from the lawyers of Pebble Beach Company, stating that our online site was causing confusion in the marketplace and that we must immediatly change our name.
TFOS stands for Teenagers From Outer Space. It's a roleplaying game based in anime, where aliens come to Earth, go to high school and such.
-Aliens
-High School
-Anime
-Statement that we aren't the REAL Pebble Beach
Pebble Beach Company
-Golf
-Florida (or is it CA?)
-Real
These corporations/DMCABots are sending out C&Ds without even looking at what they're sending it out. Five seconds on our web page would have saved them and us a lot of trouble.
Fortunatly, my brother contacted the EFF, and a lawyer wrote to them....and we haven't heard from PBC since.
Worse yet, it's not even the legal system that does the punishing, it's the company which thinks its copyright might have been infringed. Using bots to automatically send out cease-and-desist letters, with no human oversight, is legal under the DMCA. All that's required is that the copyright holder make a "good faith effort," something that has no real meaning other than they have to have done something - what exactly they have to do under the law has never been established. Scary, no?
That's it. I'm no longer part of Team Sanity.
Why hasn't anyone tried to take them to court for wrongful prosecution, or whatever violation they're committing?
It could be construed as harassment. The ESA has deep pockets, and they could get out of it fairly well. I still think that filing small claims for $5K would get their attention if everybody started doing it. You can represent yourself, and say that it caused emotional damage as well as technical time to validate their claim. On top of wasted bandwidth and time, at your contracted rate, you can get a decent damage claim.
"They said this file was infringing, I had to verify no files were actually part of what they were saying. It was unreasonable to assume they made the claim based purely on a filename. I spent 60 hours verifying no intellectual property violations where there, and expect to be compensated."
It would be funny, anyway.
Dacels Jewelers can't be trusted.
We get about 3-4 of these a day, roughly 1 per thousand accounts. It has gotten to the point were you have to review them, to live up to your end of the law. However out of the 90-120 I get per month usually 1 will have any merit at all and this is usually cleared up with all due haste when the webmaster is notified. The funniest one (or saddest depending on how you look at) was when someone tried to register techcomputerbay.com and was notified within 24 hours by ebay that this was copyright infringement because it had e and bay in the domain name. We of course notified the registrant, and told him that this was between him and ebay and we were going to stay out of the way unless ordered by a court to perform an action. Point being this is happening way more than most people realize, and it takes a lot of time to sort through the BS ones.
Gotta move
I thought part of the DMCA process is that the company making the claim has to swear (not the right word... what is it?) that they are the proper owner of the item, and they have the full right to ask for it to be taken down.
At which point, the hosting provider can take it down with immunity.
But if the initial claim is bogus, doesn't that open the door to damages to the person making the false DMCA claim? Obviously, they're at least demonstrating negligence and reckless disregard if they're going on the output of a bot.
Somebody with a clueless ISP, host an ftp site sporting empty files with names like pacman.zip, archon.zip, loderunner.zip, etc.
When the ISP gets the DMCA notice and shuts you down, you sue the sender for disrupting your business. Of course you'll need some kind of front business on the same server.
How small a thought it takes to fill a whole life
May I suggest that someone put together a DMCAbot honeypot with loads of .zip filenames which contain words that appear in many popular games and other copyrighted materials.
If you could go to a court with, say, 100 of these ridiculous claims from a particular firm of lawyers for files in your honeypot, then maybe the courts would listen and do something about these claims?
The next step would be to create a honeypot of files with Linux howto guides for instance, but with names of well known movies in the archive names.
Profit...
Oh well, what the hell...
It's an accusation to an ISP that the ISP's customer is committing a violation of a law and should be whacked, and under the DMCA it's much safer for the ISP to whack them first and apologize later if there's a mistake. There are various legal terms for doing this sort of thing - I'm not sure which of them are torts, which might become torts if the carrier acts on them, which might be crimes (they did say "under penalty of perjury"), and which are just insults.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
No, but each time one of these requests comes through, billing the sender $100 or so for your time and effort in investigating the claim may stop them.
Donte Alistair Anderson Roberts - hi son!
Karma: Chameleon
Everybody who has a friend or acquaintance named Robert should call 202-223-2400 (Robert L. Hunter IV at the Entertainment Software Association) and ask for Bob. Tell them that you grepped the phone book for your friend's name and their phone number was a hit.
Mea navis aericumbens anguillis abundat
...should "actually *look* at the material before they" issue that patent. Good heavens, that would be like the Boston Strangler to the multibillion dollar sideways swinging industry.
"How to Do Nothing," kids activities, back in print!
No it isn't and no, it isn't. With good steganography it's possible to hide pretty much anything in pretty much anything else (provided the thing you're trying to hide is sufficiently smaller than the thing you're trying to hide it in). It's extremely difficult to certify that a given file does not contain, steganographically, an encoding of another. You could easily hide an 8 bit game in the whitespace of a bundle of documentation, and, unless you knew the algorithm of the encoding, it would be pretty hard to prove it wasn't there.
I'm old enough to remember when discussions on Slashdot were well informed.
Didn't Bill Clinton sign an internet privacy act in 1995 that allows people to say before people connect "if you are government, get out" and therefor make any information obtained without explicit permission to access the server invalid?
We had the same thing happen to us. One of our mirrors recieved a nasty gram about the OpenOffice file that was on their system. A little bit of digging found that their script was assuming ANYTHING with OFFICE in the name was a pirate copy of MS Office. It was rather entertaining.
Scott Carr
I am an admin at Speakeasy, Inc. We got a few of these since they found 'packman' on our rpmfind mirror (speakeasy.rpmfind.net)
It was most enjoyable to write them a rude reply. All those things that you usually afraid to say, I just let it fly. Morons!
Come on folks, a few people have mentioned it already.
EVERY time that someone gets a completely frivolous complaint like this, they should:
1) research it (proving it's stupidity)
2) Bill for it, at consultant rates. Say $250/hr, 2hr minimum. Make sure you send a formal invoice, (explanation of services done, rates, etc.) and include a payment due date.
3) If they don't pay by that date, then either (a) call a collection agency, or (b) sue.
Doing a little bit of extra work now will hurt them enough to make them stop.
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
There's a penalty only if ESA wasn't the legal body meant to represent the copyright holder of Pac-Man. Ie, they're not commiting perjury in that regard. The problem is, obviously, that there's no penalty for going after any work so long as you represent the work you claim is being infringed. So, if you wanted to, you could find every file on riaa.com and claim it infringed some essay assignment (you automatically own the copyright on any work you create), and you'd not be committing perjury. We could, really, DDoS companies pretty easily if we wanted to based on this law.
This one is easily enough dealt with by a slight amendment to the DCMA.
What we have to due, is to introduce a requirement that any "violation notices" be based on a reasonable belief that IP is being infringed and then make the complaining party responsible for any legal expenses on the part of the accused party for an unreasonable violation notice.
It would be a bit like the British, loser pays system, that forces a party realy consider the strength of their case prior to bringing it or defending it at all costs. It helps prevent the kind of "litigation extorition" that we see all the times in the states.
A great example of "litigation extorition" happened to me and my wife shortly after we got married. We decided to install a gas stove (you need that for good Chinese cooking) and needed a gas line to do so. To install the gas line we needed access to the easement inside our neighbors yard (zero lot line). We requested it in writing heard nothing. Assuming that silence implies consent - an old Common Law Legal concept - we went forward with accessing the easement. The day of the installation in the evening a police officer shows up on our doorstep, after getting my wife's version of events he stated, "there is nothing here!" A week later we got a letter from an attorney from our neighbor asking for $1,000 or the name of our insurance company to "resolve this matter".
Well, my wife is a supervising paralegal and I am someone who has read a lot of law. We knew a shake down when we say it. So, we put together a little package (12 exhibits in total) informing them that we were willing to drop this matter at this point, but if they pursued it further that we would be counter-suing. We also dropped a line on the State Bar Association Office of Professional Conduct about this attorney. A few days later we got a note that the attorney in question was no longer representing this client and to forward any and all communications to our neighbor (a breach of Legal ethics, which we sent onto the Office of Professional Conduct).
The bottom line, needless litigation is like Spam: if we increase the cost just a little, it will dramatically reduce it. The problem is that in the US Legal system is doesn't (if you are in the right financial situation) cost you anything but your time and energy to force people to spend money responding to you. If we make people pay some of the cost of litigation.
Everyone who runs a box on a cable modem or on a network should consider getting the LaBrea tarpit. For those who don't know, this software is used to slow down worm activity, however it can be used to hang DMCAbot as well.
:)
Have this listen to port 21 on your networks and watch DMCAbot hang indefinately (your mileage may very).
Also, just to cause lots of fun, try doing the following: dd if=/dev/urandom bs=1024 count=142 | gzip -c > (MSOffice|PacMan|Zelda|Matrix|.gz) and let DMCAbot spam ISPs with worthless crap until they add an SMTP deny rule.
Anyway, just some ideas.
What if there were more open-source packages that seemingly contain commercial material, so that they give up trying to keep track of these DMCA violations? Same principle as with an Emacs package (I believe it's called spooky) that inserts words like terrorist', 'bomb', and 'secret' in e-mail headers to 'slashdot' a reported NSA server checking all e-mails for illegal activities.
IANAL (although I did score 163 on the LSAT's and turned down a partial scholarship to law school), but this appears to me to be a case of Defamation, Tortious Interference, and Abuse of Process.
Note they claim a good faith belief. Based on what? It's based on insufficient investigation to found a "good faith belief", and is therefore negligent. Their reckless act has caused you, among other ills: personal distress, time lost in correcting the matter, and harm to your reputation.
You should definitely consult a lawyer about your rights to sue this law firm for their reckless and defamatory acts against you!
- Greg
Start a happiness pandemic
I thought that Palladiam/TCPA included the ability to restrict copying of material by anyone other than the creator of the data. If so, then the only way to copy the data would be through some analog hole. A simple cut and past would not work.
Sounds like Palladium/TCPA would make it very difficult to copy and distribute restricted emails. Did I miss something?
God grant me serenity to accept code I can't change, courage to change the code I can, and wisdom to know the difference
For those who missread, they attested under punishment of perjury that they represented said game publishers, not that the information in the entire letter was correct.
Liberty.
Code 431.322.12 of the Internet Privacy Act signed by Bill Clinton in 1995 means that if a sysop states that certain users must leave (i.e. MPAA, government, law enforcement), those users can NOT threaten the sysop's ISP or any person(s) or company, cannot prosecute any person(s) affiliated with the sysop which includes family, friends or individuals who run or enter this web site or else face procsecution by the U.S. legal team to the fullest extent possible under law.
Well, OK, not really. But that was my assumption when I saw the article -- that some anti-DMCA hacker was trying to draw attention to the silliness of it all. I mean, Pac Man? Come on ...
...
So I've seen suggestions on this board that we make honeypots to draw the bots into a world of false positives. Let's do them one better -- let's make our own bots to send cease and desist letters at random, and really discredit the whole concept. Send a letter for every file that contains the word 'Men' or 'Day' or 'Part 2'. Lots of copyrighted material with names like that
Something to remember about systems is that they have limitations. Something can only store or process so much information at any given point. If people determine the functional bounds of the system, they know how to break it or render it less useful.
Case in point: the idea of a national database on everyone alive
If one, hypothetically, saw the creation of a national database on people, it wouldn't be hard to 'fake' information on a decent scale that is patently false information. It would require some creativity, but it could probably be done in a way that isn't even illegal. It's called fiction. Create stories with names in them, create stories with numbers in them. Make up numbers. We all know that social security numbers are XXX-XX-XXXX format, so it wouldn't be hard to say that "Ol' Jim Houston" has 234-11-5532 for a social security number. So, the national database spidering software might pick up that number and note that the true owner of that number has an alias of "Ol' Jim Houston". Write a story about this character where he uses his 'number', so it comes up. Movies do it all of the time, if you've ever seen "FX", they used SSNs in determining information about bad guys. Create "likes" pages. Say someone likes guns, or rabbits, or construction, or water parks, or anything. Email it around. If there's something out there that we don't like, it'll collect the information. Email "bad" words around without context, in such a way that they trip Carnivore or similar systems but do such in a way to make it obvious that they're complete and utter bullshit.
Make the system have so much information to process, categorize, and store that it either has to ignore information entirely or that it fails in the middle of doing its job. Or, make it so that if it manages to process everything that it gets that it stores so much bad information that the 'record' for any given individual is useless. I'd love to see it store that I go dowhill skiing every Northern Hemisphere summer down in Australia, or that I frequent BDSM clubs, or that I helped design the rocket car "The Spirit of America", just so that there is no credibility to any of the information at all in the system, since nothing can be easily verified as being correct. This breaks the system at a use level.
If a million geeks decide to do this, the ability for any given system to work is very low. I'm sure that people will complain that we're endangering national security, but remember, terrorists that we've seen, Timothy McVeigh, the DC area snipers, the Abortion Clinic bombers, and the WTC/Pentagon attackers, didn't do what they did in a way that was detectable through the methods that they want to start using. They did it with a rental truck and farming fertilizer, or boxcutters, or a rifle and a sheetmetal-modified car. Does any of this revolve around computers? ANY of it?
Do not look into laser with remaining eye.
This is an automated reply to you automated violation message. You will get a real response from a real person when you have a real person verify the claim and send a real note.
Could ISPs start publishing a reasonable fee to investigate a DMCA complaint?
Care to site some caselaw on this? I'm not a lawyer, but a came up with asummary of an PDF Iowa case filed in U.S. Bankrupct Court in the Southern District of Iowa.
In this case, the Plantiff (Peggy Tucker) had brought a small claims action against two Defendants because of an allegation made that she has fraudulently rented videotapes using one Defendant's name. The Plantiff was interrogated by police and later cleared of the allegations of fraud. However, she alleged that the allegations constituted intertional influction of emotional distress under Iowa law (paragraph 7).
In the judgement, the court found that:
As I am neither a lawyer nor a law student, I don't have the energy to wade through the rest of the court summary. But at the end, it does state that the judgement in favor of the Plaintiff was made persuant to 11 U.S.C. section 523(a)6. This indicates that the judgement was made not under Iowa law, but under U.S. Federal law. As such, perhaps a similar argument could be made against ESA, although the Federal definition of "emtional distress" may be different from those of Iowa.
As a larger comment on the Slashdot community as a whole: as I said, I am not a law student (actually a computer science student), but I took about 2 minutes of my time to look up a piece of relavent caselaw, and then another 20 minutes of my time to wade through it (this is why I'm not a law student..) I did not simply type some one-off, unfounded comment which, while intended in humor, is an indication a type of general apathy apparently seemingly prevalent among a portion of the Slashdot readership (or commentator-ship, at least).
In an earlier post in this "discussion" (although it isn't really a discussion, because it does nothing to encourage the persuasion of personal opinions or the formation of plans of action), "Rifter" states that "Since the Attorneys General [..] refuse to prosecute any of these entities for their numerous perjories [..] [the entities] see no need for due diligence [..] [resulting] in scenarios like this"
This comment was rated a 5, but since "Rifter" does not show his email publicly, there is no way that like-minds can talk to him about what he said. Given his comment (which is true), an obvious course of action is for each of the apparently hundreds of people who have taken the time to comment on this article (including myself) to organize and write letters - even form letters - to various Attorneys General urging them to vigourously investigate and prosecute allegations of purjury in cases such as this. Yet I saw no suggestions of such nature made (perhaps I missed it though..)
I find it very hard to believe that this C&D letter is an isolated incident - after all, who would particularly have an axe to grind with Gentoo? Furthermore, there have bee
So, if you had a non infringing file up, and they sent you a C&D, would it be appropriate to send them back a very strongly worded letter telling them to go do nasty things to their lawyers and that you refuse to remove the file (making no mention that the contents of the file are not infringing)?
If you managed to piss them off enough to spend some more resources actually persuing the matter, you could have some fun consuming some of their resources without risking anything.
True, but. Be careful. Forwarding the information is fine, forwarding the actual correspondance probably isn't. The correspondance is (by default thanks to the Berne Convention) protected by copyright. So if you summarize the facts from the message and pass those facts on, you're fine. If you copy the message, you might be opening yourself up to copyright infringement.
Ethically, well, that's your business. Personally, I'd follow the directions (delete the message, maybe warn the sender of the accident if I was in a good mood), unless the message represented something dangerous or criminal (accidental release of medical information, insider trading, whatever). Then I'd pass the message on to the appropriate authorities.
Search 2010 Gen Con events
If you're sending out this sort of message, you damn well better be shooting for 100% accuracy! Every single false positive must be investigated to assure that it never happens again.
Well, it's a nice theory at least.
The point of a DMCA letter is to notify the ISP. The ISP, to remain safe from prosecution, must take down the file in question . Even if the person who posted the file claims that it is not infringing and files a counter-claim, the ISP cannot return the file for 10 days. This amounts to a non-judicially reviewed gag order for 10 days, a horrible infringement on the first amendment.
In the worst example, several web forums were posting leaking prices from the post-thanksgiving sale at Wal-Mart. Wal-Mart wrongfully claimed copyright protection on the information (you can copyright fliers, but not the actual prices, as the prices are just facts). The people running the web site objected, but thanks to the DMCA, the posts came down for the required 10 days, coinciding with the end of the post-thanksgiving day sale. At that point, Wal-Mart declined to push the claim (they knew it was bogus) and the posts went up. A free gag order, just when Wal-Mart needed it, without any pesky checks-and-balances to protect the public.
Search 2010 Gen Con events
That the have Pacman on their hitlist, if only due to the fact that it is extemely old and many many clones have since been made (whether legit or not nonwithstanding).
I've just been thinking, that if they've decided to include 20-year-old+ video games in their hitlists, how many screwed up keywords will they have in there. I mean, 20+ years of movie/game/etc title keywords is a whole lot of stuff that could be incorrectly tagged as a false positive.
Hell, are there any common words not used in the last X years of cheesy movie/game titles?
Actually, I like the idea you are presenting, but its not enough. I won't put a list here, but we can figure out what names they are looking for based on just the pacman incident. what we need is to flood our own ftp servers with small text files with names that would imply a violation. In other words, create so much noise that their scanning becomes useless. I am sure someone here can add to this concept and come up with a better simple plan to impliment this. A list of potential infringing names, or better yet a link to it, would be a good start.
:D
We dont need to pretend that they are not really "pacman" by hiding the name in another. Just calling them "pacman-rom", "matrix-divx" or "galaga-rom" is fine, or similar. its not illegal to name a file any damn name you want. Its your text file, call it what you want. Now someone go make us a list so that we can can create a text file and cp it to death (or ln -s it)
Tequila: It's not just for breakfast anymore!
The correspondance is (by default thanks to the Berne Convention) protected by copyright.
Somehow i doubt that. If i write directions to a local bar for you, is that really something that gets copyrighted just because i wrote it? If i have a conversation with someone, do we exclusively own the copyright to that conversation? I doubt that either of those examples would be something that can be copyrighted, any more then a students notes from a class are copyrightable.
Actually, yes. My directions are copyright by me the moment they're transfixed in some media. Your writing them down theoretically counts.
That said, facts cannot be protected by copyright. The majority, if not the entirety of my directions will like be facts. So if you just write down "South on Maple Street, turn left onto Johnson (near the gas station), and go three blocks, bar's on the left", that's darn near pure fact. However, if you transcribe my entire directions including my idiomatic language and quirky side notes, well, you'd have something I could definately claim copyright to.
So long as it was transfixed in some form (say, I tape recorded it), sure enough. Heck, many documentaries are filled with conversations of this sort; you'd be hard pressed to air such a thing without permission. (There is an important exception when you're reporting the conversation as news. You can't use copyright to stifle something idiotic you said to a reporter.)This is actually the most obvious case. The facts that the teacher conveys cannot be protected by copyright. The specific way in which he conveys them is protected, assuming that it's transfixed (Say, through someone taking near-exact shorthand, or tape recording it). The specific notes a student takes (Assuming that it's largely their own rephrasing of the facts conveyed) are protected by copyright for the student. There is even a very real argument that the student's notes represent a derivative work of the teacher's class, thus redistribution or sale could be controlled by the teacher. Some examples are here and here. I don't actually agree with this point of view, but it's definately not a crystal clear case.
All of this is, believe it or not, for your protection. Your creations are protected, even if you didn't think to protect it in advance. The specific examples you give are a bit silly, but it's true. Maybe during a conversation on politics you give a brilliant rebuttable that convinces everyone that you are right. I'd be pretty ticked off if the journalist who happened to be recording an interview with someone else at the next table over noticed my brilliant speech in the background of their tape, transcribes it, and passes it off as his own work.
Search 2010 Gen Con events