Slashdot Mirror
RIAA Files 532 Lawsuits
Like2Byte writes "The RIAA is at it again. This time, Yahoo! News is reporting that 532 file sharers' IP addresses are being submitted to the courts instead of their names because ISPs decline to name people and the courts previous blocks. Music lawyers filed the newest cases against 'John Doe' defendants -- identified only by their numeric Internet protocol addresses -- and expected to work through the courts to learn their names and where they live."
people yesterday. They said copying movies from the Internet costs them money and puts people out of a job. The ad was well done and would be understood by most anybody. The music folks are just an order of magnitude stupider than the movie people are. Instead of messaging combined with clear product value propositions and additional rewards for buying more product, we get lawsuits, attempts to fix pricing on CD media, media that does not work, trash artists and on and on and on.... No wonder these dumbasses are having such a hard time. Hope each one of those lawsuits cost them a bundle. Maybe they will think back to the early Napster days and a reasonable offer. If they had only taken it, things would be cast in a far different light today. You reap what you sow.
Does anyone know if this is legal? I mean, this is like bringing a shoe into court and saying "I found this shoe on my lawn, I want to sue the person who left it there because I'm pretty sure they crapped on my lawn" Even if logs match up, will an IP address be enough proof, even in a civil case?
I work at the my school's computer help desk and just yesterday we got a phone call asking us to shutdown a certain IP address because the user was found to be in violation of copyright law. I have a feeling this is linked to this RIAA lawsuit business.
This is what they should have been doing from the beginning, instead of trying to weasel their way around the law and demanding proprietary customer information from ISPs so they can bully them with settlement offers. This gets the process into the courts where it belongs.
Sure the RIAA is still evil, but they're improving their tactics, and should be commended for that. Going after P2P sharing services is wrong, demanding proprietary information from ISPs is wrong, filing John Doe copyright infringement suits is NOT WRONG - it's EXACTLY what you should do if you find people sharing binary apps derived from your GPL'd project and you don't have a way to contact them yourself.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Of course, then the government will enforce log retention policies for everyone operating any sort of servers anywhere for any reason. Just like companies are legally obligated to retain financial, tax, customer and other business records for three or seven years - they will soon be required by law to retain server logs for as many years, most likely.
I wonder what will happen when your server crashes or you wipe over a hard drive or you go out of business or you have a drive malfunction or something - and it's out of your hands.
"Judge, one of my neighbours grabbed an IP from my wireless router and was using KaZaa, not me, I swear..."
how are they going to address that???
there's no place like ~
US Democracy:The best person for the job (among These pre-selected choices...)
Interesting, the ISP's won't give up their names, but try typing in http://128.111.80.86/ which is one of the entries. This leads you to the University of California - Santa Barbara's security we page. So they NAT all their users apparently, how helpful is that? :P
just = (My)Opinion.toCents();
Anyone remember the episode of Law & Order where they had only days to track down a rapist... and tried to use DNA 'fingerprint' to issue a John Doe warrant? Courts rejected it.
s id ebar_dna.html
D NA _John%20Doe_warrants.html
l en t_witness_volume_7_number_1_2002.html
However several new reports allow this and it's still? waiting for supreme court review. I can't find anything about any further challenges- but I don't know what I'm not searching.
http://www.courttv.com/news/hiddentraces/yalem/
https://coldhit.doj.ca.gov/dna/news10.htm
http://www.denverda.org/html_website/denver_da/
http://www.ndaa.org/publications/newsletters/si
You know, at my apt we have a Wireless Network which is shared by 3 other roomies.
Sometimes, my neighbours use it too when their net is slow. All in all, one DSL shared by ateast 5-6 peple.
Now, any one person could have used their system for P2P. Are the going to take all 6 of us to court just because one IP has been logged?
Has anyone had similar experiences? What would the RIAA do in such a situation?
Time to buy a new $10 network card.
Floating face-down in a river of regret...and thoughts of you...
I was hoping that subpoena decision wouldn't discourage them. The more people they sue, the more they'll motivate the general populace to turn strong encryption and anonymous networks into mainstream technologies. The RIAA is helping the cause more than the cypherpunks ever did.
Everyone is bringing up the question of how long the logs would be kept for. Remember back when the US govt. was (possibly still is) granting itself the power to check out what books you were reading at the library? Remember how the librarians decided to destroy the records because it was legal? How long until ISPs get the idea and follow suit? No records, no court. Remember, ISPs want to keep customers, one way is to have a strong privacy policy.
Next hurdle for the RIAA is to PROVE these people were actually offering or distributing actual content the RIAA members own the copyright to. A file name or a list of file names/or mp3 tags is NOT going to stand up in a real court. I would think they should have to prove that person was actually distributing an actual copyrighted file by downloading the whole thing or a major portion of that file from only that one person (not getting it from multiple users either) and have some type of timestamped logs or process of the file transfer to stand behind their evidence gathering. Metallica_-_Ride_the_Lightning_01.mp3 can contain anything. A file name is not a copyright violation and without evidence, you would have to assume what the content was. There is no provision in the DMCA to fall back on that can override actual evidence is there? IANAL but since these RIAA lawsuits are civil and not criminal, I don't believe they can obtain a search warrant to come for your physical equipment either. Who knows.
Bad boys rape our young girls but Violet gives willingly.
Like I said, what a joke.
(If you're interested, I've got the e-mail chain between my buddy and EMI.)
It is not our abilities that show what we truly are... it is our choices.
Undoubtedly the RIAA will say that you, as the person who has the account with the ISP, are responsible for whatever data is transmitted.
And most likely that claim would stick, unless you chose to rat out your room mates.
Three Squirrels
(Posting anonymous 'cause I don't want trouble)
It seems to me that we've already got this great big P2P filesharing system that's been around since the early '80s (USENET).
There are various binaries newsgroups where people request music and other people post it - sure it sometimes gets split into 30 posts (which makes it a pain to deal with), but what if we had some software that made it automatic to go and search out the name of a song, download those 30 posts, remove the extraneous header/footer info, merge the files and uudecode? (and something similar to go the other way -> you want to post a song so it splits the file appropriately and uuencodes.
The poster in this scenario runs the risk of RIAA lawsuit, not the downloader (I don't think there is anyway to determine who has downloaded a certain set of files).
Of course, if you don't want to be traced you could use some sort of anonymous email account for posting.
Would this work?
These are in the list twice
2 12.198.251.665 3.197.275 3.94
12.100.15.167
204.201.220.33
208.150.224.18
216.136.13.252
216.38.33.66
216.
38.201.184.162
63.199.63.218
64.132.1
64.242.223.111
65.105.125.126
66.250.69.1
210.73.74.200 is in 3 times
I count 518 uniques
Intellectual Property theft is still theft
True... unless you're of the belief that the very concept of "Intellectual Property" itself is morally bankrupt at worst and/or copyright terms have been over-extended at best.
Basically, the only compelling argument for someone to download the RIAA's music from P2P networks is that they feel that copyright in its current incarnation and/or the draconian penalty for infringing copyright is morally wrong and that they are engaging in civil disobedience in protest of either a morally corrupt length of copyright, the morally corrupt concept of copyright in its entirety, and/or a morally corrupt punishment that is far in excess of the crime. If someone says that one of these things is "morally wrong," that's their opinion and there's not a lot you can do about it - and that opinion justifies civil disobedience (granted, they should be willing to "Do the Time" with their only defense as, "yes I broke the law, but the law is morally corrupt and therefore invalid").
FWIW, if a person holding such beliefs is ever on a jury in an RIAA case - or ANY Intellectual Property case, for that matter, I fully expect to see them assert the power of jury nullification and let even the most egregious offender off the hook, otherwise they are inconsistent and hypocritical.
--AC
Many areas have good coverage from lots of people installing wireless access points. I have installed one myself. What happens if someone uses it to share files? Does that make me liable? I know there is no way to block specific usage unless I install a server or firewall, which is too expensive. So, if there is liability, I am worried many, if not most, people and companies will shut down their wireless access points and this will mean the end of this very useful technology. I recently ordered several thousand dollars of home entertainment equipment via an open access point after visiting a store. I was about to buy from the store but went out to my car to double check prices and found a great deal, saving my friend hundreds of dollars. It seems the RIAA is threatening the utility of the internet.
Many of us disagree with their definition of property rights. We believe that having a copyright is not like having a car. Thomas Jefferson had the same opinion. The legal rights associated with copyright have changed dramatically since the constitution was written, we don't believe those changes are beneficial, therefore we exercise civil disobedience.
Personally, I'm a libertarian. Property rights are pretty important to me. I just don't see copyrights and patents as regular property...and neither does the law even today, your title to your car will never expire like a patent will.
Instead, I view "IP" as what it really is: a temporary monopoly, enforced by government at the point of a gun, for the sake of a greater good: promoting the public domain. That greater good is not well-served by the current regime.
I'm currently developing a new management system for our university network of ~4000 nodes. It has the ability not only to track every single IP address ever used by any student, but also what hub port/wireless AP they were connected to at the time.
As an internal debugging/security tool, this is *great* information. We can make sure that people aren't abusing the network. We can find and disable compromised machines with very simple tools. We can easily do tons of other useful administrative tasks.
However, I *really* worry that the information could be subpoenad and used against individual students by the likes of the RIAA/MPAA. I've been harping on upper management to let us purge the history after roughly a week (tops), which would give us plenty of debugging time, and at the same time not give the legal system enough time to issue a subpoena before the information is gone.
It's really a wierd situation for me. The tools I'm working on are extremely powerful, and will definitely save our network guys a lot of time. But there's a distinct possibility that the information we gather could be used in ways that I, personally, find abhorrent.
It makes me wonder about other developers working on software that's used for security: it's a fascinating job, and has tons of really good applications. But at the same time each piece moves us one step closer an Orwellian society becoming possible. Is this something I/we should really be persuing, given the potential outcome?
--Jeremy
Jesus was a liberal
Not keeping certain logs would put the ISP in violation of certain federal laws, of which the DMCA may be one, but most notably the PATRIOT Act, I believe.
At least 1 IP is Canadian: 205.205.143.254. What do they hope to accomplish? They certainly won't be able to get an extradition on that fact alone so they won't be able to prosecute.
I guess they're probably going for shock value. A big number of IPs makes for better headlines.
Clem.
I understand why this people might settle under the duress of being sued by the RIAA, but I don't understand why they don't all get together, form a class, and file a class action suit against the RIAA. In all honesty, I'm not sure exactly what they would sue the RIAA for.
One suggestion: harassment.
Another suggestion: if the RIAA represents the recording labels, and you believe CDs are so ridiculously expensive that some form of price fixing or other anti-trust violation must be taking place -- which I do -- then that might be a possibility. Perhaps for legal reasons you could not sue the RIAA for this, but if you had to sue the individual record labels, a successful class action suit should have a major impact on the RIAA too, as it's money comes from the record labels. I would think this would be especially true if the the amount of the class action suit were consistent with the ridiculous damages the RIAA and record labels are claiming.
Any thoughts?
Actually, that is a far worse plan than dealing with the RIAA.
An ISP can be held responsible in situations where it does not keep records like radius logs. Since the ISP would be unable to prove they didn't do it (they being the ISP), presented with evidence that shows the illegal activity came from their network, it would almost be an automatic loss for them in court. Don't expect any compassion from the court, once the judge points out that your irrisponsibility is borderline deceptive and unethical business practice, you'll probably get either a maximum fine or harsher term.
This is much like loaning your car to a drunk stranger. You automatically become legally liable for anything he does behind the wheel due to your own irrisponsibility.
People forget that the Internet is a communications service. It's not like the phone company doesn't keep a log of all the phone numbers you dial, times dialed, duration of call, the date/time in GMT, etc.
However, I *really* worry that the information could be subpoenad and used against individual students by the likes of the RIAA/MPAA.
Oviously I'm missing something - why are you worried? If they're breaking the law they deserve to get busted, if they are not, your logs will not point legal accusations at innocent students.
Yes we all hate the RIAA for their a-moral and insensitive behaviour, but in the end if they're subpoena'ing information it's because they have *some* evidence of violation of copyright.
I've been harping on upper management to let us purge the history after roughly a week (tops), which would give us plenty of debugging time, and at the same time not give the legal system enough time to issue a subpoena before the information is gone.
Now that you've gone on public record admitting that you're trying to get the log-storage period reasonably short specifically for the purposed of defeating potential RIAA subpoenas you're just put yourself in the line for interfering with a police investigation if not tampering with the evidence.
Cearly you've thought this through with the utmost care.
Whiuch University did you say you worked for?
Visit CryptoGnome in his home.
I see a lot of confusion over the way files are identified and whether this will stand up in court or not.
If you think they are using a method as trivial as "they responded to a search for name label_muzak.mp3" you are mistaken. This would definitely not be credible evidence in court (anything could be in the file) and it's not how the RIAA is going about tracking illegal uploads.
The method they are using has been described in some of the articles concerning the subpoenas issued to users of the networks and it works as follows:
1. The RIAA employs modified nodes in the various networks (KaZaa and Morpheous seem to be the big two) to search for known song names or groups.
2. When they find a match, they attempt to download the entire file from the user. This point is important: if they can't prove you actually uploaded a copyrighted file in its entirety, they don't have a case.
3. When the upload is complete they perform an MD5 sum on the content and verify that it matches a database of known copyrighted files. If they didn't do this step, they would have to have someone listen to it to be sure its actually what they think it is.
Given the nature of peer networks, there are a number of common rips (i.e. identical) of songs widely shared among many users. Thus the MD5 sums will match for the same file among many users.
This is all the information they need to bring a suit against your. They have an IP address and time/date associated with the upload, they have a verified MD5 sum for the upload that matches known copyrighted files.
This information was covered in a previous article here: Innocent File-Sharers Could Appear Guilty? and the techniques they use are explicitly designed to withstand the scrutiny of a legal proceeding.
All of the cases of mistaken identity to date (the mac user sent a nasty gram, the grandmother, etc) appear to be mistakes by the ISP correlating a given IP + date into the right account holder, and not a flaw in their methods associated with identifying infringing content traded over the networks.
Microsoft is not an ISP.
In a relatively static corporate network, you're going to keep renewing the same IP address over and over and over. That's how DHCP works. (After your lease is 50% up, your 'puter asks the DHCP server if it can renew the lease on that IP addy again.) There are people on the LAN at work whose IP hasn't changed in years, despite being DHCP clients.
I don't know why ISPs mix up the pool of IP addresses, but sure enough I have a new one (though my subnet hasn't chagned) every week or so.
In my neck of the woods, we've recently had some issues with the parts of the DMCA that allows the FBI to seize library records without anyone getting to know. The solution is that most local libraries now purge their records of your books as soon as you return them. I shouldn't think it would be any different for ISPS if they didn't want it to be.