Judge Orders TorrentSpy to Turn Over RAM

virgil_disgr4ce writes "In an impressive example of the gap of understanding between legal officials and technology, U.S. Magistrate Judge Jacqueline Chooljian 'found that a computer server's RAM, or random-access memory, is a tangible document that can be stored and must be turned over in a lawsuit.' ZDNet, among others, reports on the ruling and its potential for invasion of privacy."

What's the problem?

[jonbryce]

Take the chips out of the machine and send them to the other side.

Re:What's the problem?

[benfinkel]

I read a couple of other articles on it (google 'em, easy to find) and basically the Judge understands more than this Slashdot abstract says.

Torrentspy was contending that they had no record of user's IP addresses, since they don't do any IP logging. The Judge has ordered that since, even though there is no logging, the IPs are available in the RAM for a period of time, that constitutes a recording and they were ordered to capture that information from the RAM in a more permanent spot.

This is new because it's the first time that volatile RAM has even been considered as evidence in that manner.

Re:What's the problem?

Maybe a few minutes later. Not hours or days. The decay is total by then, and there isn't even theoretical equipment that could distinguish its state from noise.

Re:What's the problem?

[MyLongNickName]

Yeah... uh right. I am sure there is some type of theoretical possibility here, but practically no. RAM has to be constantly "refreshed" to keep the charge high enough to be read. After about ten seconds without power, I doubt any instrument would be able to read the state before power down.

Re:What's the problem?

[sammy+baby]

That oughtta work. I do that recreationally anyway.

Re:What's the problem?

[TheRaven64]

A bit of DRAM[1] is basically a transistor and a capacitor. Due to the small size of the capacitor, its stored charge leaks away very quickly, on the order of a few milliseconds. A DRAM 'refresh cycle,' which happens around every 64ms in modern RAM, involves reading the value of every bit and re-writing it before it leaks away. This is done in parallel; every bit receives the clock signal and refreshes itself. Storing data in DRAM requires a constant application of energy; as soon as you cut power to RAM, the bits will all be reset to the same value (whether this is one or zero is largely a matter of convention).

Oh, and whoever moderated this informative, please never ever use mod points again.

[1] Main memory in all mainstream machines is DRAM.

Re:What's the problem?

[despe666]

Wanna bet they'll charge them with destruction of evidence if they actually comply with the order and pull the chips from the computer?

Re:What's the problem?

[flitty]

I hereby order you to bring in your computer monitor, to see if we can recall any images that appeared in it, and get IP addresses that way!

Re:What's the problem?

[rs79]

Attention dipshits: learn to read.

From the first line of TFA:
In a decision reported late Friday by CNET News.com, a federal judge in Los Angeles found (PDF) that a computer server's RAM, or random-access memory, is a tangible document that can be stored and must be turned over in a lawsuit.

Note the "can be stored" bit.

If you'd read the PDF of the court order you'd have noted the judge understands quite well that the RAM is volotile and that he was asking the relevant parts be stored. Specifically, he wants the ip addresses stored.

The story headline should have read "judge orders torrentspy to store IP addresses".

Re:What's the problem?

[robbiethefett]

you could simply explain to the judge that the wizards who live in the magic machine box have cast a very powerful spell that makes it extremely difficult to get the RAM out. i mean, it's pretty apparent that this judge would take that as a reasonable explanation.

Re:What's the problem?

[canajin56]

There are established rules that say that a defendant cannot be compelled to create new documents for the plaintiff, even if the new document would just be a compilation and/or summary of other documents. TorrentSpy maintains that they do not currently log IP addresses, and therefore an order to begin logging IP addresses and turn over their logs would be illegal. The judge has ruled that RAM is legally a document, and therefore they DO in fact have such documents in their possession, if for a very short period of time. As such, he has stated that a requirement to enable logging does not constitute creating a new document, and is simply transcribing a document from one format to another, which they CAN be required to do. And that's why he referenced the RAM, because without acknowledging that this data is contained in the RAM "document" at one point, they cannot be legally compelled to enable logging.

Re:What's the problem?

[AK+Marc]

It is illegal to demand a document be created. The judge declared that the IP logs did exist at some time, even if only in RAM, so they must be produced. Not capturing the contents of RAM before it changes is destruction of documents. The only way around this would be a literal interpretation of the details, such as producing the contents of all RAM, without context. Just the strings of 1s and 0s, as that is how the "document" is stored in RAM. The implication is that the raw contents of RAM will not be produced, but instead the data that they are seeking will be distilled from the RAM and formed into a standard file. Such additional work is not necessary and it is illegal for the judge to demand. It is akin to the judge ordering you to present your address book because it contains the number of your bookie and holding you in contempt because in addition to the "b"s (where everyone lists Bookie under "b"), you included the As, Cs, Ds, etc. You *may* do the additional work, but there is never a legal requirement. If they don't like it, they can sift through the data themselves. If they didn't want the contents of the RAM, they shouldn't have subpoenaed it.

Re:What's the problem?

[oskay]

I follow you most of the way, but I'm not sure how arsenic, cesium, and darmstadtium fit into this discussion.

Re:What's the problem?

[Tim+C]

No, as that's not what was ordered. The order was to start logging the information so that it can be submitted as evidence in the future, not to hand over the RAM chips themselves.

Re:What's the problem?

Correct, but the wanted information is the one off the RAM itself.

To prove that TorrentSpy was making it easier to share files, the studios told Chooljian that it was necessary that they obtain records of user activity. They convinced her that the only way to do this was to obtain the data from RAM.

It also shows that the judge doesn't understand technology and blindly follows the lead of MPAA which suggested getting the data off the RAM. It's the case of the blind following another blind.

I suggest TorrentSpy create a memory dump off the RAM and give the printout to the judge. Since the data keeps changing, they can also ask the judge when they need to do another memory dump.

Re:What's the problem?

[aichpvee]

Why not, most americans think that's how the universe was created. So it only makes sense that computers run on magic, too.

Re:What's the problem?

[Mr2cents]

if you put "cat /dev/mem | uuencode | mail judge@court.gov" in a cronjob and let it run every minute, I'm sure he will be more than pleased.

Re:What's the problem?

[simm1701]

The big bang was jump started by Lister using the jump leads from star bug

You've seen back to reality right? ;)

What's next?

[raeb]

"Please sir, hand over your motherdisk."

Re:What's next?

[Opportunist]

I insist that you hand over your ISDN drive. And your SCSI modem.

Re:What's next?

[jkmullins]

Actually, they are. The data has to be modulated to a particular frequency that equates to a television channel, using 64-QAM or 256-QAM modulation on the downstream (to the customer) channel, and QPSK or 16-QAM on the upstream (to the provider) channel. The cable system I used to work for used 64-QAM on 105MHz downstream (a very, very low frequency for a cable modem, equating to channel 97 digital 1 if I remember correctly) and QPSK on 26MHz (pretty typical). Just because the channel is carrying digital data doesn't mean it isn't modulated.

HD

[gregoryb]

Maybe she meant 'hard drive'? The majority of the people I supported while working IT during college used the terms RAM and hard drive interchangeably.

-gb

Re:HD

[AKAImBatman]

No, nothing like that. I can only presume that the judge's order explained the reasoning in detail, but basically the court has decided that if it's in RAM it's an electronic document. To that end, the judge has ordered TorrentSpy to turn on logging to capture these "electronic documents".

It's basically some wild legal theory invented to provide a method of giving the MPAA the discovery information they want. The bright side is that the judge has decided that the individual IP addresses may be redacted to prevent TorrentSpy's users from being targeted.

Blank RAM

[Esion+Modnar]

And these guys get arrested for destruction of evidence when they find that the RAM is blank. Un-freaking-believable.

Re:Blank RAM

[zCyl]

Apparently "Your honor, you seem to be an idiot," is not an effective objection.

Re:Blank RAM

[Anonymous+Brave+Guy]

I doubt anybody will get in trouble because a judge doesn't know a PS/2 port from a SATA connector.

Don't count on it. In the UK, under the Regulation of Investigatory Powers Act, anyone can be required to turn over the password to decrypt any encrypted data they have that is needed for certain legal purposes... even if the "encrypted data" is just random bits, with no significance and not derived from any meaningful data. You are presumed guilty if you won't (or can't) supply the appropriate password.

If this case happened in the UK, the RIP Act would appear to make you guilty by default if you couldn't supply a password that "decrypted" whatever data was in the RAM when it was next powered up to turn it back into whatever they think was there before. And given that these are people who don't appreciate the volatile nature of RAM, I wouldn't hold out much hope of explaining to the judge why it's not possible to comply with their ruling.

Aren't you glad that our inept legislators and your incompetent judges work in different jurisdictions?

Re:Blank RAM

[bcattwoo]

And these guys get arrested for destruction of evidence when they find that the RAM is blank. Un-freaking-believable. No, because the article summary misrepresents the actual ruling. TorrentSpy claims that it can't turn over certain data because it was never logged. The judge ruled that since the data in question was in the RAM, TorrentSpy was in possession of said data and must preserve it for discovery, i.e. start logging it. The judge in no way ruled that they must physically turn over the RAM chips.

Re:Forgive My Ignorance, But...

[RingDev]

You are correct, so the only viable solution is to remove the RAM with out turning off the machine!

-Rick

PS: KIDDING!!!

link is broken

[chip+rosenthal]

Here is a working link to the article: http://news.zdnet.com/2100-9588_22-6190900.html

hmm..

[JustNiz]

I wonder if its floppy or hard ram?

Re:hmm..

[Coraon]

Depends, is there cute girl ram around?

Sure

[Nom+du+Keyboard]

Sure, I'll unplug it and send it to you right away, your Honor!

Re:invasion of privacy

[iluvcapra]

As the TFA explains, the judge means that the RAM would become a legal document, and that any information put on it would have to be retained for later examination, and that if this ruling were extended to things like SOX, a SOX-complying company would have to keep transaction logs or images of their RAM so that the state of the RAM at any point in the past could be accounted. EEep.

precedent

[nomadic]

Keep in mind this is a magistrate judge, which is one step below a trial court judge (who is already generally below 2 levels of appeals courts). Magistrate judges work on a very fact-specific level, so I don't think this ruling would make even persuasive authority. I think I cited a magistrate judge like once, and that was just because the subject was so obscure I couldn't find anything else...

Even if they had the information off the ram...

[CaptainPatent]

Even if they had the information off the ram, there's no way to tell what context they're running the information in.

1001011010100100 - Well with this information I have no choice but to rule the defendant innocent... oh wait...
1001011010100101!! That changes everything! - I have no choice but to rule the defendant guilty !

Re:invasion of privacy

[laughing+rabbit]

Damn! I knew we should have stopped referring to 'pages' of memory.

Re:invasion of privacy

[iluvcapra]

oh please let it be so... that would show just how ridiculous it is...

Wholly agree. Another implication in the article is that someone could hit you with a court order, and the moment you were served, if your machine was on, turning it off (or even killing a process or doing something that caused a pageout) could be destruction of evidence.

Over Simplified Headline...

[nick_davison]

It has nothing to do with handing over physical ram. It's about whether you have a piece of information in memory but deliberately fail to ever write it to a log - and whether you can be compelled to add that to your logs.

The more worrying demonstration of ignorance for me is:

"To imagine my information being disseminated without my written or verbal consent is unnerving," she said. "Then again, if I'm doing something I know is illegal, can I protest?"

If you smoke dope in your own home, can you protest if the police break in without any kind of a warrant?

If you like oral sex in any of the states that ban it, can you protest that your landlord installed a hidden video camera to catch it?

If you had depression and were hospitalized for being potentially suicidal, can you protest if the hospital gives the information to a former spouse who's trying to get child custody?

Of course you can damn well protest. Violation of your privacy is not acceptable simply because you're happening to commit a crime at the time.

It's especially not acceptable if you're not even necessarily committing a crime (seizing all server logs of all people using a torrent when only some of them are sharing copyrighted information over it). "Many people in group X are criminals, thus we're pulling all information on group X" is absolutely not acceptable. Imagine if the argument was "Many people in this housing project are involved with drugs. So we're demanding complete phone taps for everyone that lives there and we'll decide who's a criminal once we have that."

Re:Judges shouldn't be allowed on these cases.

[mypalmike]

he still couldn't understand this udderly basic principle

Moo.

principles

if he still couldn't understand this udderly basic principle, how is he going to be competent with the remainder of the case? Maybe the litigants cud moove for dismissal then milk it for publicity, but I suppose the cow-ards are graduates of Bovine University.

Re:What's the problem? Ordered Recording!

[redelm]

This is unbelieveable, especially in a Civil case. Sure, you can order the production of documents. Even expost format conversions. But I've never heard of imposing a requirement to make new documents.

The meatspace equivalent to RAM-recording is to require conversations to be taped and those tapes to be produced. Worse (more intrusive) actually, since RAM must be slowed to be recorded. RAM is as ephemeral as air.

I expect an appeal. I understand the desireability and value of the evidence, but rules are rules.

Re:You would think that???

[Hijacked+Public]

Since all we have is her decision in the case, I'd have to assume that the in court arguments made it around to the fact that TorrentSpy isn't logging connections to their server therefore the logs requested by the MPAA do not exist. The MPAA probably made the argument that the data did indeed exist (it appears the location they chose was in RAM), but it just wasn't being captured.

The order is far closer to an order to maintain logs than it is a request to pull the RAM out of the server and mail in. But being dramatic about how stupidly stupid the MPAA is and Judges and everybody but Slashdot geeks is much more fun than actually reading and understanding a court order.

What is most worrisome about the ruling, if everyone would shut up about physical RAM chips, is that a transient collection of 1s and 0s is considered a 'document'.

Oh my. I think you are a fellow old-timer.

[hummassa]

When I was a kid, RAM was made of flip-flops and I had to go to school with three feet of snow, and it was uphill both ways. Oh boy.
Nowadays, BosstonesOwn (794949), RAM is made out of capacitors and they have to be "refreshed", that is, some circuit re-reads/re-writes the same values all over many times per second. One second without refresh, and all the data is gone for ever and ever and ever.

BEFORE: a flip flop has an input, a clock, and an output. when you put 0 in the input and pulse the clock once, the output is now 0; if you put 1 in the input and pulse the clock, the output now has 1. This is how one bit of memory is stored. Also know as SRAM, this kind of memory is fairly large in terms of integrated circuits (like 20 transistors in-die), is reasonably fast, and it's still found in L0/1/2 caches of microprocessors, in quantities in the range of Megabytes.

NOW: you have a capacitor, if you put 1 in its input (that is the same pin as its output) it retains this one for a fixed period of time (T). if no-one tries to read this bit in, like, T/2, a circuit in the memory reads this bit, and if it's 1, writes again 1 in its input. Also known as DRAM, this kind of ram is smaller per-bit (one capacitor in-die, 40-60 times smaller than a bit of SRAM), but the memory itself has to add in the end the size of the refreshing circuit, it's slower (because read cycles must be synched in time with refresh cycles), and is found in the "RAM" socket of your motherboard, in quantities in the range from hundreds of Megabytes to Gigabytes.

So, DRAM _really_ clears, i.e., if unplugged when plugged again it's all beautifully zeroed.

Ok??

Re:Oh my. I think you are a fellow old-timer.

[trolltalk.com]

When I was a kid, RAM was made of flip-flops and I had to go to school with three feet of snow, and it was uphill both ways. Oh boy.

You were lucky - you had a supply of cheap beach sandals! We had to make our bits out of acorns. Our computers would crash every fall when the squirrels would bury all our RAM.

Re:Oh my. I think you are a fellow old-timer.

[ScriptedReplay]

Why sonny, count yer blessings. Them acorn-based computers crashed only once a year. We didn't have no acorns so we had to make do with bundles of straw - upright was 1 and tumbled was 0. And the memory bus was rock-based - we threw rocks to flip them bits, and let me tell ya, it was SLOW to flip 'em back to 1. Then rain would get the straw all soggy and zero 'em bits so we'd have to hack'em open and spred 'em in the sun to dry. And we'd have to rebuild them computers daily anyway, 'cause in the morning sheep would pass through the field and the blasted rams would eat at the memory.

I'd still use one even now, for ol'times' sake, 'cause my lawn gets so little rain these days, but the damn kids are worse than the rams. And I thought about using them kids instead, but my son's lawyer advised me against it. So I have to make do with flipping 'em the bird instead.

Re:Oh my. I think you are a fellow old-timer.

[OldManAndTheC++]

We didn't have no acorns so we had to make do with bundles of straw - upright was 1 and tumbled was 0.

Whoa, whoa ... you had ones and zeros?!?!

Luxury!

I see this as net positive.

[JRHelgeson]

While industry experts lamented the judges decision in this case, this newest revelation, that computer RAM should be turned over as part of discovery, proves that she has no concept of the issues she is addressing in her court. This provides fertile grounds for appeals as she is obviously dealing with issues she cannot even comprehend.

The fact that she has ordered the defendant to CREATE evidence (log files), in order to turn it over to the plaintiff as part of their discovery request is absurd.

A Good Thing

[ratboy666]

I am sure that there will be a lot of "snicker" replies -- how can the magistrate be so stupid...

But this is an interesting idea. RAM holds information, specifically the IP addresses in this case.

"Sorry, we don't have the IP address available; they are never recorded". To which the reply is: "They ARE recorded. In RAM. So copy RAM".

Why this is a useful result: It means that it *could* become illegal to build a computer that has "unreadable" memory, because *that* memory may be where information needed by a court is being kept, and it needs copying.

Which means that "secure writeable storage" for DRM becomes illegal (at least on computers).

But, back to the topic, the magistrate is dead on. Of course, the RAM could simply be dumped onto a hard disks, lather, rinse, repeat. I don't think INTERPRETATION of the document was discussed!

Mandatory logging

[zerofoo]

Courts are trying force administrators of systems that do not log activities to start keeping logs.

There are many problems with this:

Technical: RAM contents are not permanently stored due to the technical nature of RAM. This judge wants to change that.....essentially storing everything that passes through RAM.

Cost: Why should the owners and operators of systems bear the cost of copyright enforcement? As a system administrator, what do I gain by spending my company's money on lots of disk and tape to keep logs for the RIAA? Why is that my responsibility?

Responsible party: If my users agree to only use my systems for legal purposes and they break that agreement, why am I required to provide anything to any third party? If they violate my TOS, I should be able to kick them off my network. The RIAA and their civil case should not involve me or my network. Their gripe is with the end user. If they need my help to pursue their case, then they don't have much of a case.

SARBOX forces companies to keep all emails and IM records as potential evidence. What's next? Recording every spoken word just in case someone needs it in court?

The burden of proof should be on the accuser - not on the accused.

-ted

Re:What's the problem? Ordered Recording!

[arborlaw]

Agreed. We've been here before.....

The SonicBlue / ReplayTV case in 2002 involved an order by the court to ReplayTV to create the technology to record information about subscribers for purposes of determining how much usage was violating the TOS and the law.

From the defendant's brief in that case, which makes it quite clear that the information does not exist and would involve an affirmative duty to surveil:

Federal Rule 34 Neither Requires Nor Authorizes An Order To Create Records That Do Not Exist.

Not surprisingly, Plaintiffs cite no authority for such an order. It is well settled that a party is not required to create, either in paper or electronic form, data that does not currently exist within its possession. Steil v. Humana Kansas City, Inc., 197 F.R.D. 445, 448 (D. Kan. 2000) (party "cannot be compelled to produce documents which do not exist" ). Rule 34 "only requires a party to produce documents that are already in existence." Alexander v. Federal Bureau of Investigation, 194 F.R.D. 305, 310 (D.D.C. 2000) (emphasis added). "A party is not required 'to prepare, or cause to be prepared,' new documents solely for their production." Id. Plaintiffs misunderstand Rule 34 and the law relating to the discovery of data compilations. It is true that Defendants may be required to produce both hard copy documents, and electronic data, that are stored in Defendants' own files and computers. But, with the sole exception of the limited my.ReplayTV.com information discussed below, the information sought by Plaintiffs is not "electronically stored" on Defendants' computers. It does not exist anywhere yet. It does not even exist on individual consumers' PVR hard drives, much less on Defendants' computers. And if the information is created, and a program written to log it in the future, it would exist on a consumer's personal property, not on ReplayTV's computers.

Rather, Plaintiffs are asking the Court to order Defendants first to write a program to implant in a consumer's ReplayTV unit in order to create and store the data, and then to write software to collect the data from consumers (without further notice to them) and disclose it to Plaintiffs. Neither Rule 34 nor case law obliges Defendants to take these extraordinary steps.

--originally provided by Mike Godwin in SonicBlue discussion, Cyberia-L

RTFD

You have been misinformed if you take the slashdot summary at face value.

And you have been misinformed if you RTFA.

The judge's decisions responds to most of the comments posted here, and the lawyers comments naively repeated by the author of the article.

Instead, read the decision (RTFD) that the article links to.

Although she mistakenly says websites have RAM, she definitely knows what RAM is, if you read her analysis about why the RAM should be turned over. She doesn't want the chip, she wants the ip address that temporarily pass through the website server's RAM.

Based on existing case law from other copyright cases, whatever passes through a computer's RAM is a tangible copy, if only a temporarily one. According to the rules of discovery, the defendant must produce this copy because it is within their control. It is within their control due to the fact their provider uses the a web server (Microsoft's), and this server has the capability of logging ip address that temporarily pass through the computers RAM.

So "turning over the RAM" actually means "hand over the documents that are temporarily stored in the RAM by simply turning on the logging function of the webserver." The judge is simply following existing case law and discovery procedures.

Re:What's the problem? Ordered Recording!

[Col.+Blackwolf]

While I object to some of the conclusions that the court has drawn in this particular case, I am far more concerned with the broader implications of the paragraph starting line 20 of page 24, referring to the the US Wiretap Act (18 U.S.C. 2510-22). "First, the court concludes that this statute is not implicated because, as to electronic communications, it only prohibits interceptions during transmission (not while in electronic storage, i.e. RAM), and the disclosure of electronic communications intercepted during transmission. See Konop v. Hawaiian Airlines, Inc.302 F.3d 868, 878-879 (9th Cir. 2002). This is true even though storage is a necessary incident to transmission." This is an explicit writ authorizing anyone the legal right to record any and all information that passes through the RAM on their computer. I.E. if I own webserver X, I am within my legal right to log all information, or a portion thereof, that passes through my system, by virtue that it will reside, however briefly, in that system's RAM. This includes data for which my server is not the intended recipient, as it has still been electronically stored on my system. For example, I could record the addresses of all emails that route through my server. And since this recording is my property, my consequent sale of said information to interested third parties is completely legal. This also means that any gov't agency that so desires this information can acquire it via a straightforward civil information discovery request, bypassing the more stringent requirements to obtain a valid wiretap warrant. The implications of this ruling for the future of data protection and security are frightening. While I am confident that it will be overturned or at least limited in the future, the potential for abuse is mind-boggling (like most things governments seems to do these days).

Err....no.

[DeadCatX2]

Not in modern DRAM. Modern DRAM is basically [sic] a capacitor.

Sure, forgetting about the whole row and column stuff, and the sense amps...

However, due to the natural resistance of silicon there is always some leakage current leaving the capacitors.

Incorrect. Capacitors lose charge because dielectrics are not perfect insulators, and thus some current actually leaks through from one plate to the other.

This means that RAM left alone for more than a few tenths of a milisecond will lose enough voltage to drop to a logical 0

Disturbingly wrong. Most manufacturers specify that a row of DRAM must be refreshed at least every 64 milliseconds. In fact, Wikipedia cites a pdf saying that some information can be retained for up to minutes in a cell of DRAM - though you will get some bit errors.

TO prevent this, RAM is constantly refreshed- the ram chip will spend spare cycles writing its own value to itself.

Actually, the memory controller will issue a refresh command to the DRAM chip. This is probably what you were thinking about before...a row refresh must happen every 7.8 microseconds or so (depending on the RAM chip). But, that's because the refresh operation only refreshes a single row. The DRAM chip usually has an internal address counter, so you just say "refresh the next row" and the DRAM chip already knows what the "next row" is, and afterwards it increments it so the next time you issue the refresh command, it refreshes the next row. If you execute these refresh operations every 7.8 microseconds, then in 64 milliseconds you will refresh every row of memory on the DRAM chip.

Oh, and by the way, reading from any cell of DRAM will refresh the entire row that cell is on, because reading from DRAM is a destructive operation. Therefore, there's actually a row of latches at the bottom of the columns, and the values from those latches are placed back into the capacitors while the bit of interest is being shuffled out onto memory bus.

Writing to a cell also requires reading the entire row, which means that writing also refreshes that row.

is the ruling about physical RAM at all?

[siddesu]

i am kinda late to the fray, but the actual ruling doesn't seem to concern itself with the technical aspects of RAM, instead, it addressess the argument "does TorrentSpy have electronic recordings of their server logs", and, as far as read, it seems to say "yes, because data is in RAM for a while, and RAM is an electronic media built for the purpose of storage and retrieval of information, albeit short-term one, and TorrentSpy can read the data during that time".

The whole argument is there in the first place because TorrentSpy seem to allege they don't have logs because the logs are not on disk, but in RAM, which is transient and not an electronic medium.

So, to my IANAL eyes the ruling says "if you are in the US, and you have been issued a court order to store all your electronic communications, you better do so and don't come up with excuses which are lame technically."

I respectfully decline to comment on whether this ruling is good, bad or ugly.

Re:is the ruling about physical RAM at all?

[Brian+Gordon]

The excuse that RAM is volatile is hardly lame, it's just the way computers are built and no amount of judicial yammering will change it.