Slashdot Mirror
Gentoo Package Accused of Violating DMCA
cshields2 writes "A recent post to the Gentoo mirrors mailing list passes along a DMCA violation claim that one of the mirror admins recieved. Supposively their bot saw the words "Pac" and "Man" in the filename INFMapPacks123FULL-MAN.zip and assumed it was an illegal copy of PAC-MAN. The file is actually for Unreal Tournament Infiltration. This is comical in one sense, but to be read by a hosting company who does not know any better can be frightening. Has anyone else ran into this with good (or even bad) outcomes?"
If companies are you throwing out Cease and Desist letters at random by their bots.. How often do they ever actully follow up on them, or do they just send the letter in the hopes of scaring people off.
The Good Life
When spammers go really bad, a lot of us started generating fake email addresses so their bots would find them and get jammed up with crap.
I think its time the same thing happened with DMCA bots. If they are going to be snooping around everything, lets make A LOT of stuff for them to find! Imagine if all of us created web pages that appeared to hold copywrighted material, but don't. Even just a php or cgi page that generated links with *suspicious words* but nothing of interest. No actual person would use them, but the DMCA bots would see a jackpot. Then, when actual people followed up, they'd find absolutely nothing wrong. That would gum them up pretty badly.
So who wants to spearhead this?
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
ESA has a good faith belief that the Internet site found at {IPAddress} continues to infringe the rights of one or more ESA members by offering for download one or more unauthorized copies of one or more game products protected by copyright
"Sanctions: A form of financial 'punishment' where a Judge can order a party or attorney to pay for not following Court orders or not acting in good faith in a Court proceeding."
While it's all fun and games to laugh at this, what if AT&T had cut off his connection? What if that connection was vital to business?
I don't know how you go and get sanctions levied at organizations like this, but the ESA clearly violated good faith in this circumstance.
"The market alone cannot provide sufficient constraints on corporation's penchant to cause harm." -- Joel Bakan
and Desist letter citing the DMCA because we have a couple of large files
with the word "Junior" in their names. Junior-2.2-CD1.iso and
Junior-2.2-CD1.iso are in a directory called
which pretty much says that they are
Linux distributions in CD image to anyone vaguely clued.
But Vevendi (or
their funky infringement-seeking robot) thinks they might be the 1994
Arnold S bomb, Junior,
To respond to their completely bogus complaint, we have to grab the files
and install 'em and then report back. At our time and expense. I am not
full of love over this. It's their job to find a infringements -- not just
make a few guesses and then demand that we do the rest of the work for
them for free. Makes me wanna see a movie for free! (not Junior however).
Certified Black Helicopter Pilot *** Unwitting Dupe of One World Gov'ment
My brother and I run a online game called TFOS Mux (www.tfosmux.org). It's based on a roleplaying game by R Talasorian Games and we have permission.
Our game is set in the fictional city of Pebble Beach, in an undetermined state. We state on our web site that it is not affiliated with the original Pebble Beach Golf Course (which we learned about five years after we'd started playing), but jokingly make a comment about a mini golf course for wayward visitors.
In January we received a C&D letter from the lawyers of Pebble Beach Company, stating that our online site was causing confusion in the marketplace and that we must immediatly change our name.
TFOS stands for Teenagers From Outer Space. It's a roleplaying game based in anime, where aliens come to Earth, go to high school and such.
-Aliens
-High School
-Anime
-Statement that we aren't the REAL Pebble Beach
Pebble Beach Company
-Golf
-Florida (or is it CA?)
-Real
These corporations/DMCABots are sending out C&Ds without even looking at what they're sending it out. Five seconds on our web page would have saved them and us a lot of trouble.
Fortunatly, my brother contacted the EFF, and a lawyer wrote to them....and we haven't heard from PBC since.
Why hasn't anyone tried to take them to court for wrongful prosecution, or whatever violation they're committing?
It could be construed as harassment. The ESA has deep pockets, and they could get out of it fairly well. I still think that filing small claims for $5K would get their attention if everybody started doing it. You can represent yourself, and say that it caused emotional damage as well as technical time to validate their claim. On top of wasted bandwidth and time, at your contracted rate, you can get a decent damage claim.
"They said this file was infringing, I had to verify no files were actually part of what they were saying. It was unreasonable to assume they made the claim based purely on a filename. I spent 60 hours verifying no intellectual property violations where there, and expect to be compensated."
It would be funny, anyway.
Dacels Jewelers can't be trusted.
We get about 3-4 of these a day, roughly 1 per thousand accounts. It has gotten to the point were you have to review them, to live up to your end of the law. However out of the 90-120 I get per month usually 1 will have any merit at all and this is usually cleared up with all due haste when the webmaster is notified. The funniest one (or saddest depending on how you look at) was when someone tried to register techcomputerbay.com and was notified within 24 hours by ebay that this was copyright infringement because it had e and bay in the domain name. We of course notified the registrant, and told him that this was between him and ebay and we were going to stay out of the way unless ordered by a court to perform an action. Point being this is happening way more than most people realize, and it takes a lot of time to sort through the BS ones.
Gotta move
I thought part of the DMCA process is that the company making the claim has to swear (not the right word... what is it?) that they are the proper owner of the item, and they have the full right to ask for it to be taken down.
At which point, the hosting provider can take it down with immunity.
But if the initial claim is bogus, doesn't that open the door to damages to the person making the false DMCA claim? Obviously, they're at least demonstrating negligence and reckless disregard if they're going on the output of a bot.
Somebody with a clueless ISP, host an ftp site sporting empty files with names like pacman.zip, archon.zip, loderunner.zip, etc.
When the ISP gets the DMCA notice and shuts you down, you sue the sender for disrupting your business. Of course you'll need some kind of front business on the same server.
How small a thought it takes to fill a whole life
May I suggest that someone put together a DMCAbot honeypot with loads of .zip filenames which contain words that appear in many popular games and other copyrighted materials.
If you could go to a court with, say, 100 of these ridiculous claims from a particular firm of lawyers for files in your honeypot, then maybe the courts would listen and do something about these claims?
It's an accusation to an ISP that the ISP's customer is committing a violation of a law and should be whacked, and under the DMCA it's much safer for the ISP to whack them first and apologize later if there's a mistake. There are various legal terms for doing this sort of thing - I'm not sure which of them are torts, which might become torts if the carrier acts on them, which might be crimes (they did say "under penalty of perjury"), and which are just insults.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
No, but each time one of these requests comes through, billing the sender $100 or so for your time and effort in investigating the claim may stop them.
Donte Alistair Anderson Roberts - hi son!
Karma: Chameleon
...should "actually *look* at the material before they" issue that patent. Good heavens, that would be like the Boston Strangler to the multibillion dollar sideways swinging industry.
"How to Do Nothing," kids activities, back in print!
We had the same thing happen to us. One of our mirrors recieved a nasty gram about the OpenOffice file that was on their system. A little bit of digging found that their script was assuming ANYTHING with OFFICE in the name was a pirate copy of MS Office. It was rather entertaining.
Scott Carr
Come on folks, a few people have mentioned it already.
EVERY time that someone gets a completely frivolous complaint like this, they should:
1) research it (proving it's stupidity)
2) Bill for it, at consultant rates. Say $250/hr, 2hr minimum. Make sure you send a formal invoice, (explanation of services done, rates, etc.) and include a payment due date.
3) If they don't pay by that date, then either (a) call a collection agency, or (b) sue.
Doing a little bit of extra work now will hurt them enough to make them stop.
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
This one is easily enough dealt with by a slight amendment to the DCMA.
What we have to due, is to introduce a requirement that any "violation notices" be based on a reasonable belief that IP is being infringed and then make the complaining party responsible for any legal expenses on the part of the accused party for an unreasonable violation notice.
It would be a bit like the British, loser pays system, that forces a party realy consider the strength of their case prior to bringing it or defending it at all costs. It helps prevent the kind of "litigation extorition" that we see all the times in the states.
A great example of "litigation extorition" happened to me and my wife shortly after we got married. We decided to install a gas stove (you need that for good Chinese cooking) and needed a gas line to do so. To install the gas line we needed access to the easement inside our neighbors yard (zero lot line). We requested it in writing heard nothing. Assuming that silence implies consent - an old Common Law Legal concept - we went forward with accessing the easement. The day of the installation in the evening a police officer shows up on our doorstep, after getting my wife's version of events he stated, "there is nothing here!" A week later we got a letter from an attorney from our neighbor asking for $1,000 or the name of our insurance company to "resolve this matter".
Well, my wife is a supervising paralegal and I am someone who has read a lot of law. We knew a shake down when we say it. So, we put together a little package (12 exhibits in total) informing them that we were willing to drop this matter at this point, but if they pursued it further that we would be counter-suing. We also dropped a line on the State Bar Association Office of Professional Conduct about this attorney. A few days later we got a note that the attorney in question was no longer representing this client and to forward any and all communications to our neighbor (a breach of Legal ethics, which we sent onto the Office of Professional Conduct).
The bottom line, needless litigation is like Spam: if we increase the cost just a little, it will dramatically reduce it. The problem is that in the US Legal system is doesn't (if you are in the right financial situation) cost you anything but your time and energy to force people to spend money responding to you. If we make people pay some of the cost of litigation.
Everyone who runs a box on a cable modem or on a network should consider getting the LaBrea tarpit. For those who don't know, this software is used to slow down worm activity, however it can be used to hang DMCAbot as well.
:)
Have this listen to port 21 on your networks and watch DMCAbot hang indefinately (your mileage may very).
Also, just to cause lots of fun, try doing the following: dd if=/dev/urandom bs=1024 count=142 | gzip -c > (MSOffice|PacMan|Zelda|Matrix|.gz) and let DMCAbot spam ISPs with worthless crap until they add an SMTP deny rule.
Anyway, just some ideas.
What if there were more open-source packages that seemingly contain commercial material, so that they give up trying to keep track of these DMCA violations? Same principle as with an Emacs package (I believe it's called spooky) that inserts words like terrorist', 'bomb', and 'secret' in e-mail headers to 'slashdot' a reported NSA server checking all e-mails for illegal activities.
IANAL (although I did score 163 on the LSAT's and turned down a partial scholarship to law school), but this appears to me to be a case of Defamation, Tortious Interference, and Abuse of Process.
Note they claim a good faith belief. Based on what? It's based on insufficient investigation to found a "good faith belief", and is therefore negligent. Their reckless act has caused you, among other ills: personal distress, time lost in correcting the matter, and harm to your reputation.
You should definitely consult a lawyer about your rights to sue this law firm for their reckless and defamatory acts against you!
- Greg
Start a happiness pandemic
Well, OK, not really. But that was my assumption when I saw the article -- that some anti-DMCA hacker was trying to draw attention to the silliness of it all. I mean, Pac Man? Come on ...
...
So I've seen suggestions on this board that we make honeypots to draw the bots into a world of false positives. Let's do them one better -- let's make our own bots to send cease and desist letters at random, and really discredit the whole concept. Send a letter for every file that contains the word 'Men' or 'Day' or 'Part 2'. Lots of copyrighted material with names like that
Something to remember about systems is that they have limitations. Something can only store or process so much information at any given point. If people determine the functional bounds of the system, they know how to break it or render it less useful.
Case in point: the idea of a national database on everyone alive
If one, hypothetically, saw the creation of a national database on people, it wouldn't be hard to 'fake' information on a decent scale that is patently false information. It would require some creativity, but it could probably be done in a way that isn't even illegal. It's called fiction. Create stories with names in them, create stories with numbers in them. Make up numbers. We all know that social security numbers are XXX-XX-XXXX format, so it wouldn't be hard to say that "Ol' Jim Houston" has 234-11-5532 for a social security number. So, the national database spidering software might pick up that number and note that the true owner of that number has an alias of "Ol' Jim Houston". Write a story about this character where he uses his 'number', so it comes up. Movies do it all of the time, if you've ever seen "FX", they used SSNs in determining information about bad guys. Create "likes" pages. Say someone likes guns, or rabbits, or construction, or water parks, or anything. Email it around. If there's something out there that we don't like, it'll collect the information. Email "bad" words around without context, in such a way that they trip Carnivore or similar systems but do such in a way to make it obvious that they're complete and utter bullshit.
Make the system have so much information to process, categorize, and store that it either has to ignore information entirely or that it fails in the middle of doing its job. Or, make it so that if it manages to process everything that it gets that it stores so much bad information that the 'record' for any given individual is useless. I'd love to see it store that I go dowhill skiing every Northern Hemisphere summer down in Australia, or that I frequent BDSM clubs, or that I helped design the rocket car "The Spirit of America", just so that there is no credibility to any of the information at all in the system, since nothing can be easily verified as being correct. This breaks the system at a use level.
If a million geeks decide to do this, the ability for any given system to work is very low. I'm sure that people will complain that we're endangering national security, but remember, terrorists that we've seen, Timothy McVeigh, the DC area snipers, the Abortion Clinic bombers, and the WTC/Pentagon attackers, didn't do what they did in a way that was detectable through the methods that they want to start using. They did it with a rental truck and farming fertilizer, or boxcutters, or a rifle and a sheetmetal-modified car. Does any of this revolve around computers? ANY of it?
Do not look into laser with remaining eye.
This is an automated reply to you automated violation message. You will get a real response from a real person when you have a real person verify the claim and send a real note.
So, if you had a non infringing file up, and they sent you a C&D, would it be appropriate to send them back a very strongly worded letter telling them to go do nasty things to their lawyers and that you refuse to remove the file (making no mention that the contents of the file are not infringing)?
If you managed to piss them off enough to spend some more resources actually persuing the matter, you could have some fun consuming some of their resources without risking anything.
If you're sending out this sort of message, you damn well better be shooting for 100% accuracy! Every single false positive must be investigated to assure that it never happens again.
Well, it's a nice theory at least.
The point of a DMCA letter is to notify the ISP. The ISP, to remain safe from prosecution, must take down the file in question . Even if the person who posted the file claims that it is not infringing and files a counter-claim, the ISP cannot return the file for 10 days. This amounts to a non-judicially reviewed gag order for 10 days, a horrible infringement on the first amendment.
In the worst example, several web forums were posting leaking prices from the post-thanksgiving sale at Wal-Mart. Wal-Mart wrongfully claimed copyright protection on the information (you can copyright fliers, but not the actual prices, as the prices are just facts). The people running the web site objected, but thanks to the DMCA, the posts came down for the required 10 days, coinciding with the end of the post-thanksgiving day sale. At that point, Wal-Mart declined to push the claim (they knew it was bogus) and the posts went up. A free gag order, just when Wal-Mart needed it, without any pesky checks-and-balances to protect the public.
Search 2010 Gen Con events