Slashdot Mirror
Censoring The Net With A Hotmail Account
Alex Bradbury writes "Members of the Bits of Freedom group conducted a test to see how much it would take for a service provider to take down a website hosting public domain material, and have published their results. They signed up with 10 providers and put online a work by Dutch author Multatuli, who died over 100 years ago. They stated that the work was in the public domain, and that it was written in 1871. They then set up a fake society to claim to be the copyright holders of the work. From a Hotmail address, they sent out complaints to all 10 of the providers. 7 out of 10 complied and removed the site, one within just 3 hours. Only one ISP actually pointed out that the copyright on the work expired many years ago. The conclusion of the investigation is definitely worth reading. The three providers who didn't take down the material are XS4ALL, UPC and Freeler. The company that came out the worst was iFast, who forwarded all the personal details of the site owner to the sender of the fake takedown notice without even being asked to do so."
I am amazed that an ISP wouldn't have some process in place to at least check the validity of a party making that request and check the validity of the copyright as well. It wouldn't take much to put such a process in place.
http://www.busyweather.com/
I can either invest in lawyers to investigate every claim, or drop a few customers with an "ask no questions" policy.
Which is easier for the smaller ISP to administer and live by?
I'm not saying it's right, we're just in an odd climate around digital rights at the moment.
What should be illegal? Testing ISPs, or handing out information on your customers to whoever asks (or doesn't ask) for it?
.nl (Netherlands). The US may have laws that affect this.
I don't know how representative this would be of US ISPs, as all the ISPs mentioned in the article are
Note that all of this occurred (ostensibly, judging by the TLD) in the Netherlands.
US laws don't apply there, I'm pretty certain.
Dear Slashdot,
My great great grandfather had a newspaper in Lizard Lick, NC back at the turn of the century. I was called "The Lizard Lick Slash/Dot".
Please remove your site from the internet as it's in violation of copyright.
As you may know, the Slash/Dot moved it's headquarters from Lizard Lick to Bugfart, Iowa back in the 40's, just after the war. It's publisher, Mavis Leetdudzki also was the town buggerer and notary public.
Thanks.
"Leo Fender was in a 'state of grace' when he designed the Stratocaster." -- Paul Reed Smith
Put a simple process in place. When someone makes a copyright claim send them an email asking for written proof of who they are and evidence that they do have a legitimate copyright ownership. The party making the request should do all of the work, the burden is on them. They would then have to mail all of this, by certified mail, to the ISP. If the party making the request does all of this properly than a takedown decision can be made. A legitimate party with a legitimate claim should have no problem complying with such a request/process.
http://www.busyweather.com/
Maybe this group should forward their findings onto the relevant data protection agency in the Netherlands ... it would be interesting to see what happened.
(answer: nothing, these agencies exist to suck money and do nothing)
The company that came out the worst was iFast, who forwarded all the personal details of the site owner to the sender of the fake takedown notice without even being asked to do so."
I can't help but wonder, is this consistent with iFast's user privacy policy? I can't tell, I don't speak Dutch...
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
I can either invest in lawyers to investigate every claim, or drop a few customers with an "ask no questions" policy.
Which is easier for the smaller ISP to administer and live by?
By far the easiest method would be to autoreply with the address where DMCA takedown notices are accepted, mentioning that they must include a statement of accuracy made under penalty of perjury.
I think everybody missed the real test here,
the test is which company is the most helpfull to people sending notices to sites and its obvious that iFast is the most helpful,
Now all I have to do is tell ALL my friends to go with them, iFast will like all the extra business its the least I can do for such a helpful company...
"WebTV: bringing the Internet into the shallow end of the gene pool since 1995" - Martin Bishop
This is very bad news. This means that ISPs are so afraid of litigation that they are willing to remove material at the first threat of copyright violations without cheking whether or not the material is copyrighted. Basically, they are willing to be bullied by any entity that claims copyright.
And this is exactly why law which holds service carriers such as ISP responsible for the actions of their owners is both invalid and dangerous. ISPs can't and shouldn't be expected to police their customers, and laws or copyright treaties such as the DMCA which place them into the position of having to do so must be changed...
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
I can either invest in lawyers to investigate every claim, or drop a few customers with an "ask no questions" policy. Which is easier for the smaller ISP to administer and live by? I'm not saying it's right, we're just in an odd climate around digital rights at the moment.
Damn straight. I hope people understand enought to only place part of the blame on the ISPs here. The primary people to blame are those who are behind the insane copyright laws that have caused ISPs to legitimately fear massive fines, prolonged lawsuits, and even jail time for copyright violations.
The balance is tipped way too far on the side of copyright holders. Fair use has flown out the window, copyright is essentially limitless now, and appropriate penalties for these "crimes" have long since abandoned in favor of draconian measures designed to totally cripple anyone who steps out of line.
Yes it's unfortunate that more ISPs didn't do some basic investigation into the matter, but when you risk having your entire business shut down in the blink of an eye if you make a mistake in your research, what can you expect? For all they know a recent court ruling might have allowed a publisher to get the work back under copyright. With the way things are going these days, it's not that far fetched.
For example, if the public library was responsible and liable for all material that was copied on it's self service photocopy machine, then most libraries would probably ban use of the copier or manage and log its use very closely and be willing to share this information with anyone that threatens to sue the library. This would be done to protect the legally liable library. The library would be attempting to shield itself from liability by cooperating with those that were alledgedly infringed and by pointing the finger at the person that actually made the copies. Of course libraries are not liable, the person that uses the copier is liable. This is why photocopy machines are normally self service. This prevents the library from being legally liable.
Unfortunately the same doesn't seem to be true for ISP's. ISP's can be legally liable if they don't provide information about an alleged copyright violator or if they don't remove the allegedly copyrighted material from their servers in a timely fashion. It is unfortunate that even though the ISP may not knowingly endorse infringement or actively participate in the infringement, they could still be held liable (or at least named as an infringing party in an expensive lawsuit).
Unfortunately ISP's have not been afforded legal protection similar to that granted to libraries with respect to photocopiers. It is the system that attempts to hold ISP's liable that is the problem. ISP's are merely reacting to this and trying to protect themselves.
Tie this in with the RIAA/MPAA's apparent automatic search and send bots (that are programmed moronically to boot, a 30kb file's supposedly a movie?) and you also get the potential to take down large chunks of the web illegally. Just wait till the lowlifes out there start doing DoS's using bogus takedown letters instead of packets. Things will probably get mighty ugly.
The current setup of copyright laws establishes that there's a steep penalty for not taking down a copyrighted work, but no penalty at all for wrongly taking down public domain work... No wonder the businesses involved reach for the trigger instead of stopping to think. Delaying when it's valid exposes them to risk, tripping over a false positive does not.
I had some source code to a game I was working on, and had licensed the code to a friend (it was for a MUD, and I had years of work invested). After an altercation, he violated the agreement we had and decided to release his copy to the world to spite me. Fortunately the code was several years old from my current work, but UNfortunately what he released contained player files with plain text passwords, and some of the players had played on both of the games with the same password.
Within 20 minutes of his posting it, I politely asked the ISP to take it down (was about midnight), and they had it taken down by morning. Someone obviously got hold of it and hacked a few of our players' accounts, but the source+assets itself never resurfaced.
Hunt your preferred prey at Aliens vs Predator MUD. Join the war at avpmud.com port 4000
Had you actually read the article, you would know that the study primarily concerned European providers, not American ones. And one conclusion of the study was that it was actually a lot harder to take down a site in the US than in Europe.
An almost identical study was published by Christian Ahlert of the Oxford Internet Institute, and featured on /. http://yro.slashdot.org/article.pl?sid=04/06/10/17 50232&mode=thread&tid=153&tid=99
See his website for more details http://www.ahlert.org
It's good to see that the authors of this article at least provide a reference to his work, but I think this slashdot thread should have mentioned the study that started it all!
Not only should it be illegal, but the people from the ISPs should go to prison. Yeah, it might be easier and cheaper for the justice department to do away with all trials and just play jury/judge/executioner but that's not the way it works. The ISP should be required to actually investigate it and have real, solid evidence before they go and do something. On a sidenote, I wonder what we could "copyright" on the RIAA's site...
Every time you post an article on Slashdot, I kill a server. Think of the servers!
Certainly, ISPs here have been known to overreact to complaints before (and the DMCA gives them specific guidelines that they *must* follow, no matte how unfounded the complaint is) but last I checked, this wasn't specific to Texas. But perhaps these Europeans know something about Texas that I do not ...
But when I was new to PayPal, I and some friends of mine receive spoof emails. I thought to make it known that such a thing was going around (again, I was a newb.) I removed the offending part from the email (the form submit), added a giant notice indicating it was an example or a phish scam, and put on my site. I forwarded the site to my friends.
The next day, my site was taken offline. PayPal didn't even look at the content: they chose to contact my ISP, which didn't even put up a fight, and to put a hold on my account, without any sort of consent on my part.
A blog like any other.
I'm not surprised at all at XS4ALL's behavior. This is the same ISP that went to court to defend one of their customer's rights to host the Fishman Affidavit (a collection of high-level Scientologist documents).
I'm glad that there are companies out there who are willing to stand up for their users when they are right, going so far as to take the heat in court. XS4ALL won the case, too, and the Fishman Affidavit is still hosted there for all to see.
-
For example, if the public library was responsible and liable for all material that was copied on it's self service photocopy machine, then most libraries would probably ban use of the copier or manage and log its use very closely and be willing to share this information with anyone that threatens to sue the library. This would be done to protect the legally liable library. The library would be attempting to shield itself from liability by cooperating with those that were alledgedly infringed and by pointing the finger at the person that actually made the copies. Of course libraries are not liable, the person that uses the copier is liable. This is why photocopy machines are normally self service. This prevents the library from being legally liable.
Bad example, and most copiers are self service because libraries can't afford to hire staff to do a job most people are capable of doing themselves. In this case the equivalent would be if someone reported to a library employee that some guy was copying an entire book on the copy machine and had been at it for hours. At this point the library would be responsible to check out the situation and stop the person if the allegation is true. However, if they get to the copier and the guy's actually copying notes from a friend instead of a copyrighted book the library should not unplug the copier and demand the guy leave. At that point it's clear the original report was bogus and the guy at the copier is not breaking any laws. Incidentally the library would be liable for the copyright violations if the failed to even investigate a reported abuse, just making the copiers self-service doesn't exempt them from that responsibility.-
Unfortunately the same doesn't seem to be true for ISP's. ISP's can be legally liable if they don't provide information about an alleged copyright violator or if they don't remove the allegedly copyrighted material from their servers in a timely fashion. It is unfortunate that even though the ISP may not knowingly endorse infringement or actively participate in the infringement, they could still be held liable (or at least named as an infringing party in an expensive lawsuit).
Actually the law requires them to pass along the takedown notice to their customer who's allegedly infringing, then to take the site down if the customer doesn't respond defending themselves. The ISP is most certainly not required to forward along personal details to the complaintant without a warrant, the RIAA has kindly established this for us by abusing the DMCA, that's why all their suits are now filed as John Doe suits. Secondly the ISP does have some responsibility to check the validity of the claim. Receiving an E-mail from a hotmail account should be a warning sign that something's not right in this case. When the site in question plainly lists the original copyright date (and why it's in the public domain now) the ISP opens itself up to a breach of contract lawsuit from their customer. Just because the DMCA says ISPs have to respond in a timely manner does not release them from other legal obligations!-
Unfortunately ISP's have not been afforded legal protection similar to that granted to libraries with respect to photocopiers. It is the system that attempts to hold ISP's liable that is the problem. ISP's are merely reacting to this and trying to protect themselves.
Actually it does, ISPs must respond to complaints filed properly (ISPs are allowed to list a DMCA contact address that MUST be used to file all complaints, the law allows them to ignore any complaints not sent to that address), must pass the info to the subscriber and must take down the site if the subscriber doesn't respond. If they do that they're fine, but in this case they seemed to do only the last part, after failing to do even the most basic of fact checks. ISPs aren't merely "trying to protect themselves", they're failing to uphold their subscriber agreements. Acting in this manner will not absolve them of their other legal obligations and can, especially in this case, open them up to lawsuits from the subscriber. That's not protecting yourself, that's just stupid.Exactly. I run www.mncriminals.com, which publishes the MN criminal conviction data. We get the data directly from the state. We frequently get letters from people demanding that we "expunge" their record because "the state cleared their name". We pretty much just ask that they fax a copy of the state's paperwork removing the conviction from their record. We've only ever heard further from one person. Even then, she hadn't really had it expunged. Rather, she'd had the remainder of her sentence, including parole, etc. commuted. A lot of people make demands and I'm perfectly willing to follow through, but you're going to at least provide a piece of paper proving it needs to happen. The BSA can come into my offices only if there's a warrant in their hand, etc.
The Glass is Too Big: My Take on Things
You see, they have this little thing called 'Terms and Conditions' that hostings firms reserve the right to give you the boot at their discretion in...
The Yasashii Syndicate ||
Assuming the Netherlands to comply with European data protection legislation, handing out information on your customers like that is already illegal.
2 of the 4 founders of XS4ALL were editors at HackTic ; a paperprinted Slashdot at the time;) http://www.hacktic.nl/
They were succesfull from the first day that they started selling internet access to the consumer ; and kinda set first foot in that area, dragging alot of new ISP's into the market over the years.
Currently they are one of the more expensive ISP's around ; but the whole company radiates the Google-vision : 'do no evil'.
Their customer service was one of the best i -ever- had ; I only found out later that most of their helpdesk are actually screened for -really- knowing about computers ; instead of reading from an autocue all day long.
Consider this possibility:
A bunch of motivated slashdotters all go to their local libraries (or anywhere else they can gain anonymous internet access) and create hotmail or yahoo email accounts. Then, they send copyright violation notifications to various ISP's across America, so that a huge number of legitamite sites get taken down.
The resultant customer rage would get media attention, and the ISP's would mention the DMCA as they speak in their own defense. This would bring the harmful effects of the DMCA into the public eye.
Of course, I am not advocating any such thing. Just reflecting on the possibilities.
--AC (emphasis on the C in my case)
that would actually involve breaking the law.
tell me again exactly what law was broken by this group?
Erm..
Perjury?
When you send out a take down notice you are making a legal claim that is not true.
Online backup with Mozy, sounds like Ozzie, but more!
activewebhosting.com decided to pull my site just because there were MP3's on it. MP3's that I had permission to store.
-- Having a Creationist Museum is like having an Atheist place of worship
Granted, I'm still dependent on someone else for connectivity itself, but I found a pretty good DSL provider with terms I can live with, so as long as I keep my systems are zombie free and I don't do anything stupid enough to get an actual court order sent to my DSL provider, I'm pretty safe from this kind of crap (at least more than I was before). And I got broadband service to my house in the process.
I realise it's not an option for a lot of people, but if you want something done right...
http://alternatives.rzero.com/
1) DirtFire
2) ICame (sexually)
3) FireFromMe
4) DirtArrived
Pick your favourite. I prefer the number 2.
UPC (aka chello) ignore all complaints, valid or not, including spam complaints.
see for yourself
Chello.nl
Chello.at
Lawyers, MBA's, RIAA? A jedi fears not these things!
One of the most problematic developments in copyright law has been the conversion from civil to criminal law. I'm a believer in the principle of copyright, but only as matter between individuals. If you make unauthorised copies of my comics, it's up to me to go after you (or not, at my discretion); it is not a crime against society or the state that should be subject to a trial of The People v. _______.
http://alternatives.rzero.com/
The handing-the-customer-data-out part is already illegal under UK law (Data Protection Act, 1984).
A group of journalists in Poland managed to sneak into the airpoart and stick a label onto the plane on the runway. They could stick a bomb onto it as easily.
"Long run is a misleading guide to current affairs. In the long run we are all dead." (John Maynard Keynes)
the people responsible for these kind of things out of office, this is the future you can expect.
What?
Why? What crime have they committed?
The ISP is based in the Netherlands, by handing out data about one of their subscribers without a court order they have violated EU data protection laws. That's a crimial offence...
Al.The Daily ACK - Eclectic posts by yet another hacker
I don't think that being free really has much to do with it, although there could perhaps be a correlation. Probably what matters is the terms of service that you agree to. Even if you pay for the service, virtually all terms of service will contain a clause that states the provider can yank your access or hosting or whatever they provide on a whim at their own discretion.
Clearly it might not hold up in court, and it's perhaps even less likely to hold up if you're paying for a service and they don't have reasonable grounds for not providing it... regardless of what's in the terms of service. But they could still potentially get away with claiming that they don't have time or resources to follow up complaints and have to protect their liability, and it still means going through the court system. The latter is a huge disincentive when it's normally much easier to just find a different provider.
A potential legal battle is never profitable for an ISP. Why even take the risk?
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
Not only should it be illegal, but the people from the ISPs should go to prison. Yeah, it might be easier and cheaper for the justice department to do away with all trials and just play jury/judge/executioner but that's not the way it works. The ISP should be required to actually investigate it and have real, solid evidence before they go and do something. On a sidenote, I wonder what we could "copyright" on the RIAA's site...
/. and other techie forums. There is this "I'M GONNA EMAIL MY ISP AND FIXOR THIS NOW" mentality. The bulk really comes from morons who get mad at someone on IRC or AIM and just want a third party to scare someone. It is a real shame, actually. I would come to work and find 4000 emails from customers, other ISPs customers, police departments, copyright holders, etc and 99.9999% of them were complete bullshit.
Being a former employee of a major ISP, I can tell you first hand that you are not going to see this reality. Think of this:
You have 6.8 million subscribers, the staff is bare-bones in order to keep the business afloat. It matters not how fiscally responsibe you are, there is little profit in being a service provider when your competitors pay Indians $2/hour for their labor.
Even further, people complain non-stop on the Internet. Just take a gander at a few
So, the only way to effectively survive in this type of enviroment is to assume if something looks legit, take the first steps and let the two third parties deal with it on their own. Plus, if you post some garbage on the web, assume it will get deleted at some point. Keep backups. I repeat KEEP BACKUPS. This way, when the differences are settled, you can just upload you junk again and life will be back to normal.
The direction you should focus you anger towards is the DMCA. I know it sounds cliche, but bombard your congressman and other gov offices with letters and faxes with reasonable explanations as to why you think the DMCA is a bunch of crockery. Sending some $30k a year, over worked, ISP employee who's not got a lot of options for jobs to jail because he was just doing his job is pretty stupid to say the least.
Anyway, go read an ISP's terms of service. They are pretty much immune to anything short of calling you racist names or having sex with your handicapped sister.
Say you're the ISP in this situation. It makes more sense to take it down than it does to leave it up. What do you gain for just leaving it up after receiving a dispute? Nothing, really. What do you have to lose if you continue host something that is truly under copyright? A lot more. The potential for more work is there by leaving it up than there is for merely taking it down.
Now, I'm not saying this is right. But there has to be a better incentive than "the good of all humanity" to protect fair use.
There was an anti-spam attempt made by a group from Europe. They created a service called anti-spam, which constantly loaded gifs/jpgs from the spam-sites, making traffic go high. these were published on normal http sites in europe.
Suddenly mails were sent to owners about that the http spread warez and similar. My guess is that the spam-sites created fake mails about this, and after 3 hours the site was closed.
I guess we need a better way of dealing with this.
but I love the "Texan-style private ISP justice"! Biased against Texas... or maybe just Bush. ;-) /no flame intended.
The problem here is that the bar for 'looks legit' here seems to be incredibly low. An email from a hotmail account making an allegation, with no evidence to back it up, 'looks legit?' I don't think so.
In such a situation I would think the minimum would be a certified letter with specific allegations, and some sort of evidence showing that the complainant does have a valid copyright, and the material in question does come under it. Anything less should be sent to the bitbucket.
Of course, there's another issue underneath this one - the ISP shouldn't be involved here at all, if there's a legitimate complaint the customer should be sued, and the only involvement with the ISP should be a court order to identify a particular customer. That's where the bad law issue is. But even with the bad law, the ISP shouldn't be jumping to cut off service to its customers based on unsubstantiated and undocumented allegations. I know they can't, realistically, go around making a decent investigation of every complaint - which is why they should simply bitbucket anything that doesn't come with some evidence - which the complaints in this case did not do.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
I'm not sure this is a fair test. Under the DMCA, the ISP must take down the material within (I think) 72 hours to maintain immunity. The site owner can respond in 10 days to deny the charges and the ISP can put it back up with immunity. Now I'm not saying that the DMCA is the correct way to do things, and I really don't condone the idea of handing out personal information without a court order, but this "test" doesn't tell us anything except that ISPs don't want to get into legal trouble. Surprise, surprise.
This is probably the most exposure that Multatuli has had in 100 years. I believe that in parts of Europe they refer to Fair Trade coffee as Max Havelaar coffee though.
I don't think we'll see action on this area until people start sending annonymous copyright takedown notices to the ISP's of members of congress, as well as the heads of major corporations, showing them the folly of giving others full control over your life and business without due process. Of course such a thing would be illegal and dangerous, and a person would have to be crazy to do such a thing. After all, laws are a social contract, which we must obey in order for society to function. In a society ravaged by terrorism like ours, sending mixed messages is the last thing we can afford.
The ______ Agenda
...is just that they make anonymous email accounts illegal.
In response to such information TERRORISM, next thing we know it becomes a federal offense to open anybody an email account without first demanding a notarized photocopy of their drivers license. DMCA stands.
After all, that's as appropriate as most of the responses to 9-11 have been.
I happen to work at the abuse department of one of the ISP's who deleted the content(No name mentioned, but it is the biggest in Europe, I believe). What I like the world to know, is that the test done isn't done realy carefull. After we received the complaint we checked the site and concluded that the mentioned text was shown. We then sent a notice of warning to the "customer", in which we asked the person to respond to this message by mail or phone if the complaint was not accurate. After giving the customer a few days to respond, we heard noting. We know from experience that everybody who is wrongly acused/warned will respond within a few days. After not hearing from the customer, whe decided to pull the website. If it was a big issue we would have asked our legal department to take a look at the case, but we concluded this wasn't so. We didn't check the original of the text, since we are not working there to be experts of literature, just to keep our network clean. I also mailed the guy who did the test and asked him why he didn't respond to our warning notice, but he hasn't returned a message to me.
--- In a world without fences, who needs Gates.
I would say this is typical for the dutch.
They sell everybody they can to save themselves, without any serious research, and certainly without thinking of the consequences.
They have no idea of freedom of speech, privacy. Mainly because holland has no culture of professionals. About 40% leaves school at the age of 16 to 18, those that choose to study, choose for very low levels, and meaningless degrees.
The people that choose for something higher, choose for economy and other vague and contradictive educations combined with economy, like hyped studies with an IT factor that's reduced to utter insignificance and a mockery.
In many other countries youngsters pursue a professional life, not in holland. In holland they all want to be 'manager'.
Without a professional attitude things get political, like in backstabbing political. They find every excuse to get rid non-dutch people, even when the non-dutch have a much better grasp of any work at hand.