Slashdot Mirror
TorrentSpy Must Preserve Data In RAM For MPAA
Transient writes "Reaffirming a magistrate's earlier decision, a federal judge has ordered TorrentSpy to begin keeping server logs as it defends itself against an MPAA lawsuit. In her opinion, Judge Florence-Marie Cooper interpreted federal discovery rules broadly. ' Judge Cooper took issue with TorrentSpy's argument that data in RAM is not "stored." She noted RAM's function as primary storage and that the storage of data in RAM — even if not permanently archived — makes it electronically stored information governed by federal discovery rules.' Given that TorrentSpy has limited access for users in the US, the ruling may be moot. But it does set a precedent for other, similar cases. 'Under this interpretation, any data stored in RAM could be subject to a subpoena, as at a basic level it is a "medium from which information can be obtained" just like a hard drive. '"
I can't wait for the ruling on l2 cache and registers. Seriously, can we not pay some money to have some people who understand technology available to the court?
Wouldn't that apply to streams also? They're also stored in RAM, after all..
From the PHP manual: "Also note that it is your responsibility to die() if necessary."
Does this mean that turning a computer off could be considered destruction of, or tampering with, evidence ?
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
Does this mean they can subpoena the contents of the white board in conference nine at 7:23 AM on June the 13, 2005?
Why can't the court grasp the transient nature of the content of RAM?
-Peter
Sort of like the uncertainty principle. In order to "store" RAM to a permanent medium, RAM will change to write itself to the medium. This reminds me of when I testified and tried to explain that from a programs perspective, VM looks just like RAM, just slower. I never managed to convince the prosecutor. Clearly the legal system hasn't a clue about tech.
So... you have to be able to log everything that is in ram as well now
so we need faster processors and bigger hard drives to handle the extra load.
A normal log may not be that big, but when you get to a few months full of RAM logs for a busy server... I think this precedent will get overturned when they find out just what they are asking for.
I want to to write down every single thought you have for the next 10 weeks...
I am surprised that the costs issue was not addressed. Generally, and if I recall, that if there are costs on on electronic discovery, that cost can be shifted on to the requesting party.
For this the costs would be expensive.
There are two ways to archive this:
1. By snapshotting the ram.
2. By rewriting the server code.
By snapshotting the ram, it would require a program with root access to snap this and lots of data to be archive.
By rewriting the server code, it would take months to rewrite it properly and test it. Then they would to license the IP2location database to perform lookups on the IP address filter out US addresses. I suspect that this filtering would require one or two more computers to perform this.
Fight Spammers!
Which makes sense. Imagine that I do all my shady accounting on some Post-Its, then turn their contents into a bunch of spreadsheets and a ledger that look legit. If my accounting documentation is subpoenaed and I don't produce those Post-Its, and the court finds out about their existence, I am in deep shit for destruction of evidence and/or failure to keep required records. I certainly wouldn't get far with a claim that the Post-Its were a "temporary storage medium" or something.
I believe the fact that TorrentSpy is being compelled to keep server logs by the MPAA is fucked up on a few levels. I just wanted to point out that the last part of the summary is not as profound or earth-shaking as it might seem.
Tags != Comments, and -1 (Troll) != -1 (I Would Respond Angrily To This Poster So They Must Be Trolling)
There is little doubt in my mind that that is the case. It does not matter what you did, but if it was intentional then it is a very serious crime to deny or destroy evidence.
:)
If you "forgot" to pay your colocation bill and they turned off your servers, that might work. You could claim you couldn't pay the bill because of all the money you are spending on lawyers.
“Common sense is not so common.” — Voltaire
What the judge is saying is that just because you keep a file in RAM and not on on disk, you can't claim you aren't "storing" that data.
The magistrate judge didn't buy that argument, and in her opinion reaffirming the magistrate's order, neither did Judge Florence-Marie Cooper. Judge Cooper took issue with TorrentSpy's argument that data in RAM is not "stored." She noted RAM's function as primary storage and that the storage of data in RAM--even if not permanently archived--makes it electronically stored information governed by federal discovery rules. TorrentSpy: "We could log that information, but we choose not to."
Judge: "Choose to do so from this point on."
RAM isn't exactly relevant. This isn't some kind of temporary storage situation. This is a deliberate decision on the part of the software author. Now if you want to claim rights are being trodden upon, be my guest. But claiming that all RAM is now state's evidence is a stretch.
would you have to log what the program that is in RAM is doing?
I.E.
Process A is in RAM, writing to a log
Process B is writing to the log what process A is going through writing
Process A sees B and starts logging what B is doing
Folks, From TFA, we see the following, "[Torrentspy] argued that the log data wasn't available, since it existed only in RAM, and as such, was never stored". The judge, being nobodies dummy, accurately noted that this isn't an impediment to logging that data in the future and has ordered them to do so. Funny jokes about handing over DIMMs aside this is a totally reasonable concept. How many of you all think it's actually impossible to log a number that is in RAM? Are all you /. l33t programmers incapable of writing a variable out to a file?
Then the judge should have said that, and not obfuscated it to the point of making the judge sound incompetent to be making decisions in this field.
Of course, then the question becomes: where do you draw the line on what ephemeral data can a court require to be logged? If you don't draw the line somewhere, the storage requirements for even a week's worth of transactions and data for some places could well exceed the entire world's combined permanent storage.
File under 'M' for 'Manic ranting'
Oh, I'm sure, many of you are going off on this whole RAM thing as if that was the point. What you are missing is that this ruling was meant not really believing that RAM is the key, but the fact of the matter that, for torrentspy transactions, they do not, for just the exact reason this lawsuit began, log connection information, even though that information does pass through the RAM of the system. They focused on RAM as it is, in this case, the only memory device that is realistically capturing any connection information. That connection information is what the prosecution wants. Ergo, this order is, for all intents and purposes, forcing torrentspy to adjust their software to capture the connection information. That's really all it is. The courts, I'm sure, are aware of the transitory nature of RAM, and, through this order, are only addressing that the memory in RAM be captured. The reason they bring this up is because torrentspy, all along, claimed they have no logs that capture connection information, so potential downtheroad supoena's of torrentspy users cannot occur, plsu an audit trail of abuses cannot be captured. This ruling basically says 'Nice try guys, but you now need to close up that loophole'. Seriously, you all go off on the nature of RAM and stupidity of non-technites, but you fail to grasp what this ruling is really about, enforced logging of details that should be captured but the fact that it isn't is 100% an attempt to cover up any illegal activity going on with their servers/services abd leaving no trail to trace. If this was read for what it really means 'Court orders torrentspy to modify software to capture all connection info', which would be more outside the realm of the court to order, it wouldn't even raise an eyebrow save for the tinfoil hat privacy types. But that is outside the mandate of the court, so they just said what they need and now it's up to Torrentspy to figure out how to do it.
The ruling is that TorrentSpy must, in future, maintain records of IP information. How is that meant to help prove or disprove the case that the MPAA are trying to prosecute, which must, by definition, have already occurred? This is not discovery - but an imposition on the way the software is to be re-written. Or can the MPAA say that they think that TorrentSpy will commit an offence sometime in the future and they now want to have the means to prove it?
Have a look at soylentnews.org for a different view
I fear that the above scenario is not that far off.
The summary of this article sucks, most of the comments here are nothing more than ravings based on a bad summary.
The judge wants them to start logging IP addresses. But a judge can't just order anyone to do anything they feel like, there has to be some precedent or law saying they can. This judge said in legal terms, stuff in RAM is stored data. Then he applied rules based on law that covers stored data.
It's like if a company has a policy to burn documents every night, but the judge orders them not to burn documents until the end of the case. There's no expectation that burnt documents can magically be unburnt.
So if my artificial island can't become a nation, then how can I possibly give my consent to be governed by the United "Nations"? And if I can't then why should I care what the UN has to say?
Becasue someone just might be willing to provide the firepower to back it up?
Justice is the sheep getting arrested while an impartial judge declares the vote void.
If you shut your servers down, then you are no longer offering any service and the prosecution has already won.
The decision does not mean that past RAM contents must somehow magically be retained, it merely rejects the defense that because IP addresses are currently only stored in RAM, that they are not possible to save. So basically in this case, they must start logging from RAM into a file. If they disobey that order, it is essentially destroying evidence from that point forward. This is no different from a corporate email system that under normal circumstances destroys email older than x days, and due to a court order is required to no longer destroy email until the case is resolved. The judge wouldn't be saying the normal policy of destroying email is in conflict with the order, but if they disobey or fail to comply going forward, they would be a seriou problem.
-David
My company got in a FUD lawsuit with another company maybe 10 years ago. As the legend goes, the judge ordered us to give them our source code but did not specify a means of transfer... so apparently we gave them a truck load of printed out disassembly.
Buckle your ROFL belt, we're in for some LOLs.
OK, so it is now required that they log the contents of the RAM for future analysis. That means the data must be read from RAM and stored somewhere.
Now, the odd thing here is that, apart from being impractical, the logging company may run into legal issues if they aren't careful of exactly *what* data they're pulling out of the RAM and storing. What if they pull out the wrong section of memory, end up with an AACS decryption key, and get sued for circumvention of a copy-protection mechanism under the DMCA? They were just ordered to by the court, sure, but it's got to complicate matters. After all, the MPAA and co. are already looking at anyone who visits the website; do you really think they'd overlook the opening that would give them?
I think basically the judges knows that it is easy to log IP addresses, and he just didn't buy their argument.
IANAL, but the legal argument I believe is that RAM is a physical representation of information, even if temporary, and therefore it is subject to discovery.
I could be wrong though, because IANAL like most people here. It is funny that a lot of people are calling the judge an idiot for not understanding the technology when this is more of a legal issue (which supposedly the judge is an expert in.)
(I think corrupting the IP addresses like you mention would probably be contempt. The true IP address would be stored in RAM at a point before you corrupted it, and you be responsible for providing these, not something you later obfuscated.)
Does this mean they can subpoena the contents of the white board in conference nine at 7:23 AM on June the 13, 2005?
YES, if the court gives you notice that you must preserve everything that is written on the whiteboards in all conference rooms, then they will expect you to have it preserved, and produce it when ordered.
Take a picture, log the contents, don't erase it - whatever you need to do to preserve the information. Saying "But I erased it!" isn't going to fly when you are subject to a prior order to NOT erase it.
Why can't the court grasp the transient nature of the content of RAM?
It sounds like the company was saying "But I really don't have it, it's just in RAM". That doesn't mean you don't have the information.
Note that this is a prospective discovery order - YOU WILL HAVE THE INFORMATION IN YOUR POSSESION, I REALIZE IT'S TRANSITORY AND YOU NORMALLY DON"T PRESERVE IT, BUT YOU CAN PRESERVE IT, AND I'M ORDERING YOU TO PRESERVE IT.
What's so hard about that?
Do they too fall under this ruling? After all, they do "store" information, for a while, and then it gets wiped. Do you think that companies should preserve ALL whiteboard writings.
What about errors, if I write something and make a spelling error, I erase it and retype it. Should that too be recorded?
What about the information of time. A whiteboard is changed over time as you add new data to it, this timeline could be important, WHEN was the information on the whiteboard added, the time the line "Make sure the brakes work" is added to a car design discussion is important if it turns out the brakes failed on the production version.
So to truly and fully comply with discovery rules EVERY tiny bit of data, now matter how fleeting, has to be recorded, that means video cameras everywhere. Not exactly practical is it?
Torrentspy doesn't log IP's for a reason, there are too many and it just doesn't need them. So their entire setup just uses the IP information as temperory data, like a scrawl on a whiteboard or even a mental note, and discards it when it doesn't need them.
In theory they could offcourse log it, but because something is possible in theory, doesn't mean it is possible in practice.
Lets turn it around, the MPAA is a business and therefore all its business discussions should be recorded, but who is to say they do not talk business at home with their spouses? I say the only way to be sure is to video-tape them 24/7, just to be sure EVERY business related data is recorded as required by law.
Your Post-Its would be closer to a tmp file.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
I'm not sure, but how can she order them to do this? Firstly, she's asking them to start manufacturing evidence against themselves. Isn't that, like, against their 5th amendment rights or something?
More important, what law is it exactly that give the MPAA the right to force others to change the way in which they conduct business. Maybe she can order them to quarter foreign soldiers, er hire MPAA sysops, too, just in case someone starts sharing movies.
Can I order a breathalyser be installed in her car because I find it likely that someone might drive it while drunk? Or, do only large corporations get to tell judges what is and is not in public interest?
The Tao of math: The numbers you can count are not the real numbers.
What's really fucked up is how this U.S. court magistrate, and now Federal Judge Cooper, think they can order new evidence to be created after-the-fact. Not to mention how fucked up it is that a U.S. court thinks it can give any order outside their jurisdiction to TorrentSpy located in the Netherlands. And how further fucked up they must think TorrentSpy must be to violate European privacy laws which prevent them from keeping such logs against their published policy, which carry much harsher penalties than some token U.S. ruling.
Truly you are correct, the most fucked up thing about this whole case is how one company (MPAA) can force a change in I.T. policy on someone else (TorrentSpy) all the way in another country!
{ - Generic Guy - }
The real definition of sovereignty could very well be "has the ability to successfully defend from outside powers". Superman would be a sovereign individual, not bound to the laws of any country, because no country could enforce those laws upon him. Darfur is not sovereign because they cannot secure the land they claim as there own. So yes you are quite right that the world is divided into two groups, the sovereign countries and the countries who do as they are told. In that light, how could you blame Iran for wanting to have nukes?
We are all just people.
Given the United Nation's history of failing to honour its own resolutions, I doubt anyone should be too worried about them. The five permanent members of the Security Council maybe, but certainly not the UN as a whole...
You want to know who isn't running Firefox 2.x? They spell it "definately" and "rediculous".
All jokes about RAM aside, this is the root of what's being said here - the addresses are in RAM, therefore it can be logged (and should be under the directions of the court in this case). They aren't telling them to record all data in RAM all the name, nor are they telling them RAM is a persistent medium.
Make sure the system responds with an error message that explains all this if you try to login as one of the protected accounts...that to login you have to reboot the server.
It might be easer to explain to the judge that sound is a moving pressure wave stored in air for a very short time from the time he says something to the time someone hears it. I need him to preserve the sound waves in his house from yesterday for permanent record. It may contain evidence of a copyright violation.
The truth shall set you free!
Ahh.. Here lies proof that if you shovel enough blatant bullshit, some ass-clown will mod you informative. Tree farms are another way to say scrub land. It's cheaper to plant the trees and get the government tax benefit, then ignore the crap that grows and harvest elsewhere. It is trees that are growing, but scrub pine and poplar trees, useless for anything but pulp mills, and conning jackasses who want to believe things are better then they are.
Umm ... unless I'm missing something ...
http://en.wikipedia.org/wiki/Persian_Empire
In soviet russia, You ask not what country do for you, but what you do for country!
Oh wait...
That's assuming that the MPAA care about sifting that data - it's equally likely they just want to make the process of collecting the data so prohibitivley expensive that TorrentSpy can't continue, or to spread fear in their users that the noose is tightening. If they can achieve either of those aims they won't even need to use the data.