Programmer Challenges RIAA Investigators

NewYorkCountryLawyer writes "In court papers filed today in Manhattan federal court, programmer Zi Mei has slammed the investigation on which the 'ex parte' orders obtained in the RIAA's cases against consumers are based. Armed with Mei's affidavit, a midwesterner -- sued in Atlantic v. Does 1-25 in New York City as 'John Doe Number 8' -- has asked the judge to vacate the 'ex parte' order on the ground that the RIAA doesn't have the evidence it needs to get such an order. If Doe wins, the RIAA's subpoenas to the ISP, for its subscriber's identities, will be thrown out."

IMPRESSIVE

but probably not effective, young master.

SILLY HU-MAN

You will be crushed by RIAA! Rocket-subpoena arms-- ACTIVATE!

ex parte

[Black+Parrot]

Here is an explanation of "ex parte".

Re:ex parte

[eatmadust]

or here on wikipedia.

Re:ex parte

or here or here or here or here or here or here or here or here or here.

Re:ex parte

[Heem]

or here

Re:Ex Parte

[TheHawke]

A Big Blow? It might be the Mike Tyson-style knockout punch that the defendants have been looking for. It will establish a precident for the rest of the "John Doe" lawsuits that the *AA's have slathered all over the nation.

About bloody time someone found a way to cripple these borderline-illegal 'suits once and for all... That is, IF the judge sees it the right way.

Re:ex parte

[Husgaard]

You US people are lucky that ex parte decisions are only allowed for giving the identity of someone with a certain IP address.

A few years ago, the US government bullied my country into making new law under the threat of a trade war.

This new legislation allows copyright holders to obtain an "ex parte" court order to enter and search private homes without informing the people living in these private homes if the copyright holder can show that it is "probable" that someone living there has infringed on a copyright. There is no requirement that the police be involved in such searches of private homes (first time this has been allowed in my country), and the law gives the copyright holder a right to be present at the search (never before have the other side in a civil case been allowed to be present during a search of a private home in my country).

This has regularly been abused. In very few cases the "evidence" found in such searches has ever been used in a court of law. Instead most cases have been settled before court by the people searched in fear of the copyright holders releasing information on what was found during the search (legal or not).

I used to have a hard time understanding why some people were thinking the US was imperialistic and why the US had to be opposed in any way possible, but no longer.

Tomorrow it may be my door that the US entertainment industry kicks down.

Does somebody want to take a guess if I still like the US?

Re:ex parte

[cnerd2025]

Sorry for looking out for our own interests. Oh, wait, Denmark and the EU does the same thing. And the threat of "trade war"? Is Europe really so arrogant it thinks it has some "God-given" right to trade with the US? We can trade with or without whomever we wish and cease at any time.

If you read even the description, you'd realize that the "ex parte" order is really "ex parte Doe", used to execute the Writ of Habeas Corpus. "Ex Parte" is generally illegal in the US, and should be. This "ex parte Doe" means that the Doe, in this case the accused, believes that he or she is being held without legal cause. "Ex parte" basically means that one party is using an unfair advantage over another and thus justice is not being served.

I'm no fan of the entertainmaint industry. However, keep something in mind, friend: every state, be it municipal, regional, national, or supranational, has the right to look out for itself. The EU sure does. If you have beef with how the US executes trade, then do something about it. We aren't holding a gun to your head to force something upon you. You elected the leaders who passed your laws. We didn't set up some revolution in Copenhagen or Brussels to execute our will. Your government chose that trade with the US was more important. If you dislike what your government does, then elect new people. And if you dislike the entertainment industry, then don't buy their things. You didn't make any coherent argument against them. In the US, the RIAA oversteps its legal rights, and therefore legal injunctions must be placed on them. But they are a trade union, and they do have some legal rights. Your arguments place them in no violation of yours or anyone else's rights, nor the overstepping of their rights.

Now you make some very very incoherent arguments about the US "breaking down your door". I don't know how it works in Europe, but in the US, the police run all searches and seizures. And issuance of search and seizure warrants are Ex Parte, for good reason. Entertainment industry thugs don't just break and enter, searching for "copyright violations". That is strictly against the US Constitution.

Please, I'm tired of people blaming the US for this or that or the other thing, when the real problem lies in the peoples' own country. We have messed up lots of stuff, but to bitch at us just means that you're too lazy to do something about it.

Ex Parte

[Shadow+Wrought]

IANAL, but have been paralegalling for a few years now. Ex parte is the term used when one side in a case speaks with the Judge without the other side being privy to what is said.

If he can get this tossed it would be a pretty big blow to the RIAA's case.

Re:what the fuck

[MightyMartian]

is the summary trying to say? it's nonsensical gibberish

Ah, young Padawan learner, you have discovered a truth. Now put down your light saber, it is time to teach law, so that in time you to will be paid $200 an hour to write word salad.

Re:what the fuck

[Krach42]

Right now the RIAA is the only person talking to the judge about this case, because the defendents are all "John Doe" and thus are unable to be identified and brought before the judge.

From the impression that I gett, I think RIAA is trying rigerously to get a finding against these individuals for copyright infringement, and then get their identity. More likely, they're using these ex parte appearances (where the defendent isn't present) to get the judge to authorize them to be able to obtain the names required in order to bring a proper suit against these people.

I'd say this is pretty similar to a situation where someone breaks into your house, and leaves a very weak trail, and the cops peeter out. So, you sue the person as a John Doe, then try and use that to find out who John Doe is.

Basically, it's like putting the cart before the horse to me. They're suing people before they even know who they're suing. For all they know, they could be suing someone on their legal team, or even the judge!

Careful about the ex parte whooping

[TheSkyIsPurple]

The ex parte orders are being used to figure out who exactly to sue... with out them there's no way anyone would be able to have any sort or recourse since ISP's tend not to share subscriber info without a court order. They could require that each ISP be formally sued for the info, in which case they have to come in to court... RIAA wouldn't have much of a problem with this, but ISPs would lose out HUGE time. The ISPs still have some recourse after the order is entered as well, and as we see here, even the person getting sued can take some action as well as soon as they are identified. (Some ISPs will notify you before they answer, and give you a chance to try to quash before they answer) Alot of the rest of their tactics are crap, but this is a legitimate use of ex parte, and I dread what the alternative would be.

Re:Careful about the ex parte whooping

[Krach42]

While I agree that this is what ex parte is intended for. It's perfectly reasonable for the person to fight against it, and ask, is this really what we should be allowing?

But in some ways, it could be misused. Say someone walks past my front yard and throws a bag on my lawn. I didn't see them, but when I get the bag, there's a reciept in there with a date and time of where he bought something. If I wanted to sue the person should I be allowed to ex parte sue them as a John Doe on the first hand, so that I can then contact the store and force them to reveal who the person was?

The question is just how much justification need be shown to grant an ex parte order of this nature (they're arguing it's insufficient).

ahem

Does this mean i can sue the police to get my 650 pound stash of pat back

Who's Pat, and why do the police have him? Why would you want someone who's so heavy?

Is this so unreasonable?

[Anonymous+Brave+Guy]

Right, let's be clear. I think a lot of behaviour by the RIAA and its ilk is disgusting.

Now that I've got that little disclaimer out of the way, let me ask: is this use of ex parte tactics really so unreasonable? From the RIAA's point of view, the law has been broken. They just can't find out who did it to take legal action against them directly, because the ISPs and such (quite rightly) won't disclose confidential information to the RIAA on demand.

So, the RIAA do what any sound legal system should require them to do if they want to proceed: they must go to a court, and make a case that there is a reasonable need for them to have that information, and ask the court to give them the authority to get it. The court can consider their argument -- which, if they've got information that someone was swapping songs, almost certainly illegally, is a fairly solid one -- and grant the permission if it finds it appropriate.

At that point, no individual has yet been brought to court to face any claim, so no individual has been harmed. The RIAA just has a name, and it's up to them to demonstrate, in a separate court action with the defendant given due process, that the named person committed some illegal act and should be required to pay compensation or whatever.

Now, personally I think the US "everyone pays their own fees" system sucks, because it's wide open to abuse by large and well-funded organisations in this sort of context, but that's a separate problem. With US law as it is right now, what would be a more reasonable way for one party that has genuine evidence that they may have been damaged by some other, unknown party to seek fair compensation than by asking the courts to agree with them based on their evidence to date, and to enable them to find the person likely to be responsible so that they can be properly taken to court?

Re:Is this so unreasonable?

[Spock+the+Baptist]

Now, personally I think the US "everyone pays their own fees" system sucks, because it's wide open to abuse by large and well-funded organisations in this sort of context, but that's a separate problem.

The real problem with the state of civil litigation is that corporations are allow to act as a "person". It's a matter of an inequity of resources. A corporation typically has enormous financial, and legal resources compared to an individual.

The real solution is to treat corporations as the commercial organizational entities that they truly are, rather than as persons. For that matter governmental organizational entities also ought to be treated as such.

There needs to be a change to the civil standard between individuals from *proof by a preponderance of evidence* to a more rigorous standard. Proof beyond a reasonable doubt is too strong a standard a civil standard between individuals, or between organizational entities. In a civil case between an organizational entity, and an individual where the organizational entity is the plaintiff, then the *reasonable doubt* standard ought to hold.

Part of the reason for the *proof beyond a reasonable doubt* standard in criminal cases is to prevent malicious prosecution. A high standard for burden of proof in criminal cases reduces the potential for false witness to be used as a means to 'get even with', harass, or intimidate individuals. The high standard lessens the potential impact of 'frame ups'.

Re:Is this so unreasonable?

[THE+MAC+GOD]

The Problem isn't that they are seeking money lost on pirating... Anyone who's owed money that isn't getting it. has a right to be pissed off (just ask the artists that are under the RIAA). The Problem is that they, the RIAA, are hypocritical. They are attacking run of the mill people who have pirated a couple songs... When they should REALLY be going after the massive black markets in indonesia, malaysha, china, etc. But, it's a lot easier to sue 80-year old women, or 20-year old guys with no money than to run up against the Triads. You know, another thing, obtaining music isn't really the crime, it's listening to music you haven't paid for. If it was just HAVING the music, then every person in the world could get sued as a potential distributor. Also, RIAA should be forced to go back and sue everyone who ever made tape copies BEFORE going and suing people who are downloading songs off the net. It's unfair that they are able to pick and choose who to sue when it should be an unbiased, across-the-board thing. But, NO, IPs are easier to harrass people with. Shoot, most people who pirate go and actually buy the music. And the harder and harder they make CD DRMs (aka SONY), they will only be making things harder for the honest people when hackers will ALWAYS find a way around it. I don't care what kind of scheme you have. It will be hacked... sooner or later. Usually sooner... look at the 'unhackable 360' as evidence for that-and just wait for dvd-John to get into the mix. Anyway... my rant... people who make billions in profit and bitch about not making another billion piss me off... like they need another hot tub in their jet.

Re:down with Media Sentry

the majority of accused John Does are guilty but there's always the chance of a false positive

I absolutely disagree. I'm the registered agent contact for a regional ISP and routinely receive RIAA communications regarding their allegations of offenses within our address space. Here's a few aspects of my ongoing experience with the RIAA and other intellectual property protection parties (mostly publishers in my experience outside of the RIAA):

• ignoring the registered agent requirement: In almost every single case since the change in the law, the RIAA has ignored the registered agent provision. They are required to go through this party and follow certain notification requirements to comply with the law and obtain their ability of recourse by demonstrating this compliance. They repeatedly and intentionally ignore the law. Typically, they will notify helpdesk or receptionist employees at the company via telephone, or notify our upstream ISP with a demand for compliance inconsistent with the law's specifications (e.g. they will file a suit within two business days if the address in question is not shut off).
  
• They do not provide evidence required by the law. I've been repeatedly demanded to shut off a subscriber, name the subscriber and provide contact information (name, billing address, phone, and other items that would clearly violate Gramm Leach Bliley if there wasn't legal grounds for giving it out) on evidence like this: "We've discovered IP address 192.168.3.3 has copied our intellectual property." Name of file? Evidence that the filename is actually property-holder's IP and not just another file with the same name? Evidence that the alleging party holds the IP rights to this property? Time/date and details of the event? (I've *yet* to be given timestamps from the RIAA - wtf? Somebody give them a dollar so they can buy a freaking clock).
  
• Threats that exceed legal authority and actually may encourage legal recourse when a response is made notifying them of their obligation to comply under the law. I've even had RIAA attorneys contact our upstream and notify them that we "hadn't complied" (with a noncompliant request with zero documentation, ignoring the law) and the upstream was given hours to shut our connection serving 1/3 of a state off or face lawsuits.
  

The appropriate response is a legal one, and mind you, a legal one that has a letterhead of partner names that spans the top of the piece of paper (meaning not a small private practice, but a large firm that is enough to scare the RIAA into understanding your counsel has deep resources that can counterclaim and hurt them).

Another strong recommendation is for all smaller ISPs to provide their upstream with a letter on the lawfirm's letterhead just briefing them on your compliance with the registered agent provision, requesting evidence of their compliance, and a subtle reminder that if they ever fail to follow the law, they'll get to know your counsel really well as you recover damages from business interruption, damage to goodwill and all sorts of exciting, expensive claims.

This letter will probably cost you $300 to $500 depending on your firm, but it'll save your ass. It has done so for us at least two times when the RIAA completely ignored the law and sent its night-school, white-shoe attorneys after our upstream carrier.

Oh... and in my investigation of the John Does, I've usually found P2P running in a bit more than half the cases with parents unaware that Bearshare was loaded by their minor child, and in about a third the cases, no evidence in traffic flows of any P2P (nor any historical data from NIDS monitoring). Not that we'd ever keep such data (don't and have a policy of wiping it weekly).

Re:what the fuck

[InvalidError]

Some ISPs will not release customer information unless a court order tells them to... and this is how things should be.

To get these court orders, RIAA/MPAA/etc. usually have to file lawsuits. The *AAs know the ISPs have the customers' info but until they get the court orders, all they have to work with are activity logs showing people from certain IPs accessing illegal content at specific times. Once they have the order, the ISPs are legally required to tell them who owned those IPs at those specific times and amend the lawsuits with the actual names.

Which do you prefer? ISPs readily disclosing customer info to *AA leading the *AA to extort people directly or ISPs refusing to disclose info until forced by the courts during the normal discovery process? Following due process at least prevents the *AA from picking specific targets and also forces them to more thoroughly investigate each case they plan to file. Having to file formal lawsuits also prevents them from pretending it never happened when cases turn out to be dead-ends or backfire.

The *AAs fought long and hard to circumvent due process but they failed, now they're forced to sue Jon Doe by following due process... everybody should be happy that the *AAs are finally using the legal system the way they are supposed to instead of trying to work around it.

Word Salad?

[TubeSteak]

Fictional RIAA Victim: I paid my lawyer $200 an hour, still went to jail and all I got was a tossed salad.

Also..EFF

[redwoodtree]

Also, one more thing before I go back to the slugs...

It would have been nice to mention the Electronic Frontier Foundation and how much they deserve YOUR support (as well as mine... and everyone elses.) For it is through the EFF that we have even the slightest hope of regaining some sanity in the digital world.

Re:Atlantic vs DOES 1-25

[rodentia]

John Doe #8 has also moved to dismiss this aspect of the suit.

You are right, it is an inside out class action, formed under Rule 20(a) of the Federal Rules of Civil Procedure. Doe #8's lawyers essentially argue that any link between the 25 co-defendants is fortuitous and insufficient to grant the jointure. The rule is designed to collect partners or other's who jointly benefit from the transaction or actions at issue.

Re:what the fuck

[Krach42]

Which do you prefer? ISPs readily disclosing customer info to *AA leading the *AA to extort people directly or ISPs refusing to disclose info until forced by the courts during the normal discovery process?

Neither. I want the ISPs to have the ability to refuse to disclose customer information to the RIAA unless they have been issued a court order. Note, this isn't EXACTLY what you said in the second part, because it allows that the ISP can choose to disclose the information, if upon their own evaluation the information is warranted.

If the ISP releases the information and it wasn't warranted or permitted, then you have the recourse of acting against them. Also note, this is the way it is now.

Following due process at least prevents the *AA from picking specific targets and also forces them to more thoroughly investigate each case they plan to file.

That's exactly the point. Who knows it's due process, until the court examines it. John Doe #8 is asserting that the RIAA has not sufficiently followed due process in their actions against him and the other 25 John Does.

It's all a legal battle. In court, everyone says their going to do something, and they try and make their case, and the court either agrees or disagrees, then they move on to the next matter.

The *AAs fought long and hard to circumvent due process but they failed, now they're forced to sue Jon Doe by following due process... everybody should be happy that the *AAs are finally using the legal system the way they are supposed to instead of trying to work around it.

Crap, wait... were you agreeing with me or disagreeing with me. Either way, I agree with this statement...

If you were agreeing with me, then it's all good, but if not... um... I don't know what to argue about since we both agree that it's a good thing that the RIAA is being forced to operate under due process.

Don't get too excited

[Anon+E.+Muss]

The motion to sever the defendants may well succeed. In that case the RIAA will be forced to file separate lawsuits against each John Doe, costing them additional filing fees. This may slow them down for a few nanoseconds, but it won't stop them. They'll refile.

The motion to quash the subpoena is more interesting. Can the RIAA document the alleged copyright infringement with greater specificity? If not, the subpoena could be quashed, and this John Doe will skate. That won't stop the RIAA from suing other John Doe's using similarly flawed evidence. It will still be up to each John Doe to fight back, using their own time and money.

Remember, it's the legal system, not the justice system.

This always happens....

[Djarum]

Around Thanksgiving I was having this exact idea while talking to a friend of mine.
I am quite a law buff and I was arguing that the "ex parte" orders were illegal and if someone were to challenge them they would win. The counter that "well the person is breaking the law", you would have to remember that even though you have proof of a crime you can not arrest nor charge another.

Lets say your neighbour is making drugs next door. You see crackheads walking in and out of the house. There is weird chemical smells, and empty bottles of chemicals around. Hell lets even say he tried to sell you some and have it on video tape. Can you go across the street, knock down his door, arrest and charge him with a crime?

No, of course not. You call whatever Backwoods Nazi Law Enforcement Agency you have, they will conduct their own investagation, and then if they have enough evedence they knock down his door, arrest and charge him.

Now if the RIAA would want to follow the laws put into place in the United States they would report the person to the FBI's Copyright Infringement division and let them do their own investigation and charge the person with a crime. Most likely the FBI would take a look at the 13 year old with 300 mp3's on their drive and file it away far, far away.

The person that said that the RIAA should be charged under the RICO Act is indeed onto something. It is a form of racketeering. Also the RIAA should have to be forced to show the actual loss in revenue from each song, and where do they come up with the numbers they sue people for.

Re:down with Media Sentry

[Sancho]

Exposition: I am a network security analyst for a university. We have a group that solely handles "incidents" such as copyright infringement, spam notices, etc. That team delivers (and probably filters) incidents to the security group, who then scan the firewall logs for any evidence of network activity with the intersection of the timestamps, IP, and ports reported. We then return that information plus the name of the alleged infringer to the incident team.

I don't know if the RIAA uses multiple firms or if the incident team filters out the infringement notices, but I have never once received a notice without a timestamp. The notices I receive have the IP, timestamp, ports, p2p network, and infringing filename. We occasionally get the IP address that detected the infringement, too.

This tells me one of two things: 1) You're exaggerating or outright lying, because every notice I receive has the appropriate information.
or
2) The incident team returns notices which do not include the necessary information, in which case your ISP could do the exact same thing.