ISP Sued By Irish RIAA

NewYorkCountryLawyer writes "An ISP in Ireland has been sued by the Big Four record labels because its subscribers have engaged in P2P sharing of the record companies' song files. The record companies claim the ISP should be buying Audible Magic's CopySense, the software being peddled by the RIAA's expert witness, which supposedly would filter out copyright infringement. Of course, not everyone agrees."

fight it

[DKP]

fight it all the way and if the iaa wants software installed then let them pay for it not that it would work.

Re:fight it

[mwvdlee]

Sueing somebody to force them to buy a product... isn't that kinda, I dunno, anti-competitive?

Smells like standard record company BS

If the Irish version of the RIAA thinks this software is sooooo great ans sooooo necessary, why don't they buy it and give it to the ISPs?

Re:Smells like standard record company BS

[Tuoqui]

Because the ISPs don't want their shitty ass code cluttering up their networks. So they need to use the legal system to try and strongarm them (read: Force by means of court order) into installing this crappy glorified spyware onto their networks.

Re:Smells like standard record company BS

[MightyMartian]

Because they seem to think there's a business opportunity in a new line of extortion revenue based on a faulty software package that won't do what they claim it will.

Re:Smells like standard record company BS

[aproposofwhat]

we will never see deep packet inspection inside providers, as this is absolutely expensive to do an no provider would do it without coercion

I wouldn't be too sure - the infrastructure needed for Phorm's 'targeted advertising' could easily be adapted to inspect more of the data - it already intercepts HTTP requests, and it's not a great step from there to data inspection (though the lookups are going to cost a lot of latency).

Once the ISPs allow themselves to be corrupted by Phorm, expect to see packet inspection proliferate massively.

Re:Smells like standard record company BS

[Ralph+Spoilsport]

I agree with you, and, I would add this:

That the idea of file sniffing software is sheer idiocy, prima facie. Why? Because all you have to do is "compress" the mp3 into a zip file, and bingo: no more mp3, just a zip, and if they start opening up every zip that's emailed or set up in the net, the entire interweb thingie would grind to an instant halt.

All of this was dealt with at Napster (I used to work there) and we scenario-ised all different combinations of spoofing and clamping etc. We thought of going after file names, so then we started writing names in 1337, Nirvana-SmellsLikeTeenSpirit.mp3 started popping up as n1rv4n4-sm3lzL1| That was also circumventable by editing the file using a destructive editor and recompressing it. Even still the system would catch a massive number of files. We were concerned about people skipping around Napster because Napster was developing a billing client. The efforts did not mollify the RIAA and the rest was history.

Since then, I've thought of compressing the files into a zip, and if there was a client that could autozip-unzip on the client side, then it wouldn't affect the network at all.

Also, there was a program called metasynth that could turn sound into an image file (like a BMP), and then people could trade BMP files that could then be turned into audio.

So, the research is still there, and all it takes is an open source free-as-in-beer translational file system to circumvent ANY sniffer from the RIAA, especially now that drive space is practically free. Such a translator would take the contents of an audio file, translate it into a BMP and then automatically compressed into a zip. At the other end, the translator takes the zip, unzips it, and then translates the BMP into an mp3. Done. The zip file is left in a "sharing" folder, and the mp3 is autoloaded into iTunes. Today's Multiprocessor machines would make this kind of computation a trivial task.

If anyone decides to build such a thing, please be kind and let me know by naming it "Pushover", because that's what it does. Personally I have neither the time, inclination, or skillset to program such a thing. Next life time, maybe.

There is NO way the RIAA can win this. They are fighting a losing battle. The ONLY way they can win is by getting in with the major ISPs (ATT, SBC, Verizon, Sympatico, Rogers, etc.) and collude with them to enforce selective traffic shaping/blocking. Some ISPs are already doing that to optimise bandwidth - all it would take is something more organised. Which is why Net Neutrality is so crucial.

RS

"Obvious ways"?

[Damon+Tog]

The two "obvious ways" to defeat Audible Magic (as listed in the article) do not seem very promising to me. If large numbers of filesharers begin to send huge transfers amounts of data over SSL, it's going to be pretty noticeable. In this day of ISP "traffic shaping," I wouldn't be surprised to see SSL throttled down to the point where transferring large files becomes painfully slow. The second strategy is not currently possible (as the article itself states). It goes on to admit that future OS upgrades would be required. I'm sure Microsoft will be more than happy to modify their TCP/IP stack to help make filesharing as easy as possible.

This technology is not foolproof, but it does require filesharers to jump through additional hoops to distribute files. Hardcore filesharers will no doubt toil obsessively to workaround the issue, but some casual downloaders may conclude that the hassle and risks associated with filesharing is becoming greater than the costs of paying $0.89 to get the song from Amazon, etc.

Eliminating %100 of copyright infringement is not a requirement for the RIAA to regard its strategy as successful. Simply making the process risky and aggravating enough that most people will switch to paying for music is enough. Each generation of this cat and mouse game between the "pirates" and the RIAA has resulted in an increased compartmentalization of p2p networks. Sure the "hydra" will grow more heads and live on, but it's hard to ignore that something that could immediately be located and downloaded on Napster in the Year 2000 now frequently takes time to hunt down and leech via bittorent.

Re:"Obvious ways"?

[Damon+Tog]

"lastly, why should it be up to the isp's to monitor this? how the hell is it their problem?"

I half agree with you, but something like %30-50 of traffic on the internet is bittorrent, and a big chunk of bittorrent traffic is regarded as illegal activity (in most jurisdictions) by a good many folks. If there was a highway where %30-50 of the vehicles were widely known to be transporting something illegal, would you be surprised if the local authorities took an increased interest in that particular road and began to watch things a bit more closely?

"I also think it's bullshit to claim it was easier to download a song in 2000, go on any of the dozens of torrent websites and you'll find anything you want in 2 seconds flat."

You'll find them listed, but they aren't necessarily current or well-seeded. I'm not saying it's necessary *difficult* now, but it's not quite as easy or as immediate as it was back in the Good ol' Days of Napster. Those small increments of difficulty and gratification delay are increasingly significant when DRM-free music is now much easier to get legally and quickly.

Re:"Obvious ways"?

Your point is right, but your facts are wrong.

You are confusing encryption with steganography (which by the way, we're fairly bad at). You can most certainly tell if data is encrypted. The problem is that if the ISP can't tell it from other encrypted data that users require to be low latency (like SSL connections to bank websites) they can't throttle it or users will get angry, and they'll lose too much business to other providers.

I can fileshare with any protocol that can send data. The ISP can't tell what I'm encrypting, just that it's encrypted. So as long as most users would get up in arms over traffic shaping of some type of encrypted traffic, I can fileshare using the same protocol.

So. To repeat. You CAN tell data is encryped, you CANNOT tell what is encrypted. The handshake alone gives you away, and if not that then the fact that your bits are statistically way too random is quite reliable for detection.

extortion.

[Bishop+Ebonhand]

Doesn't this sound suspiciously like extortion? "buy our 'partner's' software/protection or we'll sue you for infringement" I wonder what kind of kickback they're getting on it?

Right

[dissy]

If they wanted them to use the software so bad, they would give them a copy for free.
Greedy bastards

Re:Right

[Tsu-na-mi]

I wouldn't call this funny. I thought the same thing -- that if giving away hundreds of thousands, even millions of dollars worth of their blocking technology would prevent the "billions of dollars" per year of losses in music sharing, it would be a no-brainer for the RIAA to offer their product for free. The only logical conclusions you can draw from their stance are that their losses are not so large as they claim, or their tech will not be effective in stopping it.

RIAA wants someone else to do the dirty work:

[Fluffeh]

A funny story that sort of shines out as an example here of how this all fits together:

In Australia in recent years there has been a push to stop selling cigarettes to under 18's. There are harsh fines and so forth to both the business and to the individuals who would do the selling.

One smart (or lazy/tricky depending on what way you look at it) cookie decided that as a shop owner who sold tabacco products, he was being asked to do regulatory work on behalf of the state government here who said that he shouldn't sell to minors. He took the government to court - and amazingly won the case. (I couldn't find anything on google though).

THe basic premise is the same here though, the RIAA and governments are imposing rules about what can and can't be done by users of something else, but they want someone else to do all the dirty work imposing the law. It's a bloody great way not to do any work if you ask me - by getting someone else to do it, and pay for it.

While I support copyright, I think that they should stop trying to get ISP's to do all the dirty work.

Re:Here's the only two things you need to know

[Kjella]

Pointy-Haired Boss: I don't see anything that could stand in our way.
Dilbert: Sanity? Reality? The laws of physics? Never underestimate a manager that think he's missing out on the big bucks. I assume they'll go by some sort of "willful ignorance" logic, that Eircom is purposely not monitoring to learn any specifics of copyright infringement. It's a rather weak argument though...

Re:Honda car used to steal my parking spot!

[Solandri]

Police sue automakers for allowing drivers to exceed the speed limit.

Parents of child porn victims sue camera manufacturers for allowing pedophiles to make child porn.

Corporate hacking victims sue computer manufacturers for providing hackers tools to break into their systems.

Violent crime victims sue weapons manufacturers for enabling criminals to harm them.

China sues Western democracies for giving its citizens subversive ideas of freedom and civil liberties.

Re:Here's the only two things you need to know

[Skrynesaver]

Actually an alternative defence for Eircom could be that their network is crap, their broadband rollout has been pathetic and if they were doing their job properly IMRO would be seeing waaay more music downloads.

Seriously though this one just isn't a runner, the various record label umbrella groups have realised they can't go after every 12 year old with computer access (or in the US case suing indigent men for their shopping trolleys) so they will try to tackle the access, however any company that put this cruft on their servers would lose their subscriber base overnight as people fled to other providers.

Re:Lets burn our public libraries

[howlingmadhowie]

if i consider the films i've downloaded, i can't say i've watched many of them more than once. and with most of them, i'd have been pretty annoyed had i spend money on them.

How exactly does CopySense work ?

[Mornedhel]

How exactly does CopySense work ? I just read a PDF of their propaganda. Apparently an artist wishing to "protect his copyrighted works" registers in their database. Then CopySense makes a "media fingerprint" of the files - what do they mean by that ?

If they mean an actual audio fingerprint like MusicBrainz does, wouldn't the entire file need to be downloaded first ? So they're scanning the entire P2P traffic for relevant packets and recomposing the file on their own systems (including compressed files, since they could be an entire discography, hey, who knows ?), and *then* comparing the fingerprint ? Sounds really resource-expensive to me. Then on with bigger, more complex files (movies, HD movies...). Then they also say they can filter out porn/kiddie porn P2P traffic. Have they got fingerprints of THAT ? All existing porn movies ? Sounds like the largest porn collection on Earth. And you would only need to distribute the files with the video turned upside down and the audio playing backwards to defeat the system. Or are they relying on torrent file names for that ?!

If they mean an SHA1/MD5/whatever fingerprint, it's even less feasible, as they would need one for every possible encoding (MP3 CBR 128kbps, MP3 CBR 192 kbps, MP3 VBR... Vorbis... FLAC...) and compression (.gz, .zip, .rar, .7z, .bz2...) and combination of both.

Does anyone here know exactly how CopySense work, and IF it works at all ?

Re:How exactly does CopySense work ?

[azrider]

Then they also say they can filter out porn/kiddie porn P2P traffic. Have they got fingerprints of THAT ? All existing porn movies ? Sounds like the largest porn collection on Earth.

Not only that, they have now confessed to possessing child pornography!!

Take that, Audible Magic!

Packet Shaping

[Bonzodog01]

"The record companies believed greater availability of broadband will lead to a further escalation in the volume of unlawful distribution of recordings, he added." It looks like they don't like the idea of Broadband getting to Ireland. I live in Galway and use ntl/chorus cable for my Broadband. I have discovered that they are packet shaping my connection, as I cannot get a Bittorrent connection to sail above 5k/s for more than a few minutes at a time, it's hopeless, even downloading legal torrents for ISO's for Linux Distro's. Yeah, I'm Galways Linux User.

Re:Here's the only two things you need to know

[ObsessiveMathsFreak]

The ISP has no obligation and the *AA can't seem to "educate" themselves out of their problem.

This is Ireland. We don't so much have laws here as we have sort of "tribal customs". Over here, even if a law is struck down as unconstitutional, the supreme court has ruled that you can still be imprisoned under it. It used to be illegal for Irish ISPs to hold certain types of data for more than about six months, I believe. It was at one time discovered that Eircom, the ISP mentioned in this article (effectively the Irish AT&T), was retaining this information for three years, the government passed a bill making it mandatory to store it for at least three years.

That's how things work in this country. We're kind of a one party state meets banana republic meets laissez faire capitalism. Basically, laws here are universally subject to interpretation and arbitrary revision. That's when they're not being ignored outright. If Eircom agrees to the censoring and monitoring, then it will become legal. If it doesn't, it won't. I doubt the IRMA is anywhere near as well connected or influential as Eircom representatives, so unless they're willing to pay up, in either bribes or in financing the system, this surveillance simply isn't happening. Anyway, we're all under surveillance anyway, so this entire issue is rather moot.

What about false positives?

[Gordonjcp]

I *want* people to redistribute my copyrighted material over P2P networks. Preventing this from happening causes me a problem. If my material is wrongly detected as something the RIAA don't want shared, it harms *my* profits.

I suppose the question is, how do you detect false positives, and when they happen who do I sue?

Re:Lets burn our public libraries

[mariushm]

Well, they're probably not even taking those 2 dollars. If the book has no success (as in sells few copies) the author won't make any money.

I'll give you a real example here, that happened to me when I went to university.

In order to get promoted and be able to earn titles like "Doctor Honoris Causa", a teacher is required to have some works of his published, the minimum being at least three books printed and about 10-15 articles in different magazines.

So, the teacher talks to a printing house, which says they have no guarantee that the book will sell, so the author has to pay for the printing process.

If a book costs 6 dollars, the publishing house requires the author to pay 3.5-4 dollars for each book.

The teacher obviously wants the have the book published, he goes on and publishes the minimum of about 250 books and then he wants to get his money back.

So what does he do?

At the start of a semester, he tells his students that at the end of the semester there will be a yes and no test with questions from his book, and students will be allowed to use the book at the exam, but not copies of the book.

The second edition of the book, the third and so on, belongs to the publishing house, they have the rights, and if the publishing house won't get their money back for the printing process, the author won't get any money in the future.

This is probably the best scenario, where the author can move the books, has guaranteed buyers for the books.

Not all authors afford to pay in advance, which makes them reach an agreement to not receive any payment until the publishing house gets all the money back. This may never happen (Hollywood accounting).

The author would make more money if you just send him a 5$ check in the mail.

Re:makers of grammophones to sue too

[sm62704]

is it possible that the average person has a certain budget for entertainment and just spends the money buying what they want?

Most people don't work on a commission or have an unlimited amount of funds. Normal people have a certain FIXED INCOME* (salary, wages, retirement, etc). I don't know about Ireland but we're paying a hell of a lot more for gasoline here in the US. Every dollar I spend at the gas station is a dollar I can't spend on a CD.

-mcgrew

*If it's a fixed income how come I'm always broke?

Re:Internet TV will Kill ISP Tracking

[monxrtr]

If large numbers of filesharers begin to send huge transfers amounts of data over SSL, it's going to be pretty noticeable. All web pages must send data to be viewed. All content whatsoever must send data to be viewed. File sizes are going to increases *exponentially*! There will be absolutely no way for the isp to distinguish between phone traffic, "illegal" p2p traffic, and even the isp's own "movie" file offerings.

It will become nearly impossible for anyone to know the contents of any file by merely looking at size, distribution, origination, etc. ISPs will lose a helluva lot more money with their free speech violations that end up blocking news feeds, public domain library contents, etc. There's a helluva lot of *expired* copyright content to be exchanged and hosted, and the amount of that content will only continue to mammothly exponentially grow.

You might also think it's "quite noticeable" that just the sheer number of files grows every single day. For a microcosmic example, the number of posts on a site like /. grows every day. Now multiply that out over the entire internet, and legitimate "legal" information compendiums on topics will start to dwarf all the "copyrighted" content combined.

If copyright police and ISPs decide to make information flow a war they are living in la la dreamland in they think they can win. Big businesses like Comcast are already having their asses handed to them by minor "scooby-doo kids" groups. These efforts are only going to become more professional, better organized, better funded. The RIAA is doing nothing more than setting up a copyright troll business model to be copied that will screw those with the biggest pockets the hardest.

When the history books are written, this will be regarded as a mammoth world-wide Boston Tea Party-esque Victory for consumers. Copyright is doomed because it's economically inefficient. The costs of filtering and policing will only continue to soar with the sheer size of content available on the internet. The government could 24/7 audio-visual record everyone in the world. Do you have any idea the time and budget constraint costs actually listening to all that would cost? It's practically impossible, and as effective as a police officer on the African planes ordering a stampede of animals to "stop!" The private police going to be run over at best, and pay bankrupting legal settlement costs for the privilege of being run over at worst. In the end, they will choose to just move aside and abandon copyright.