Slashdot Mirror
Judge Excludes 3 "John Does" From RIAA Subpoena
NewYorkCountryLawyer writes "In one of the RIAA's 'John Doe' cases targeting Boston University students, after the University wrote to the Court saying that it could not identify three of the John Does 'to a reasonable degree of technical certainty,' Judge Nancy Gertner deemed the University's letter a 'motion to quash,' and granted it, quashing the subpoena as to those defendants. In the very brief docket entry (PDF) containing her decision, she noted that 'compliance with the subpoena as to the IP addresses represented by these Defendants would expose innocent parties to intrusive discovery.' There is an important lesson to be learned from this ruling: if the IT departments of the colleges and universities targeted by the RIAA would be honest, and explain to the Courts the problems with the identification and other technical issues, there is a good chance the subpoenas will be vacated. Certainly, there is now a judicial precedent for that principle. One commentator asks whether this holding 'represents the death knell to some, if not all, of the RIAA's efforts to use American university staff as copyright cops.'"
When file sharing your music and movies, use public wifi points to crush any lawsuit potential from the RIAA!
Most of my neighbours have wireless.
I could crack into them in minutes and download.
Are they supposed to be security experts now?
What about when WPA gets cracked? even the ones with a little knowhow will be open for a time.
If someone breaks into your house and commits mail fraud while you're away are you guilty because your door wasn't strong enough to keep them out?
"accessory to their infringement" is bullshit
Sad but true. just leaving the problem that I can change my mac address and even with username/pass systems pilfering a login/pass from a com girl or arts student in my uni would be childsplay
In 2001, my alma mater had 2 45mbps lines for the university and they were consistently hammered by the students doing file sharing. It got to the point that some people in the CS department joked that banging out packets across tin-cans-on-strings would be faster than using the campus network when classes were generally over for the day.
Then, the university instituted packet shapers across the network and it got usable again. Usable to the point where I didn't feel like I was on a 14.4k modem again.
If you want to bootleg content, then pay for your own connection.
The RIAA could demand some draconian cerberos system, but I doubt that rendering large campus networks unusable will garner them any support from the already annoyed campus IT admins. Anyway, much like the AV companies vs virus-writers, this battle is an entirely defensive one.
It's nice to see something logical leaking out of the judicial system, however.
An internal system operation returned the error "The operation completed successfully.".
You bring up something that I think about somewhat often.
On the one hand, the Internet is incredibly useful and provides so much information and entertainment which I believe everyone SHOULD be able to access. It would be a huge loss to society, imo, for people lose this.
On the other hand, computers are complex. Networks are a complex part of computers. Security is a yet more complex part of computer networks. These are things that people spend years learning about and are constantly learning more about, yet here we are encouraging average, untrained people to stick computers which they are basically system administrators for on the largest, most complex, and hardest to secure network in the world? How much sense does that make?
Of course, it would be so very socially awkward to point out that virtually all policies slashdot have supported so far amount to in effect a regressive wealth transfer from the poor to the wealthy, where the poor who are for whatever reason unable to use a p2p service and thus purchase CDs subsidize the entertainment of those who otherwise generally can afford it. Oh no. Pointing out such things is just not cool.
How can you be "impeding the investigation" if you took these measures before any such investigation existed? It would be one thing to destroy evidence after being issued a subpoena but I'm not aware of any law that requires IT departments to retain logs of IP assignments.......
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
If we're required to do blocking and monitoring, the BU defense won't hold, because we'll have the data.
I wonder what kind of ridiculous fine structure or penalties there will be for not logging what you monitor?
How about a well documented disk failure event on the file system containing all the logs? "Sorry, Your Honor, we logged everything, and then the disk failed."
Are we going to be legislated into complete backup strategies? I doubt it.
I think the Senate/Obama stance is that bad business models can be allowed to fail (See GM, Ford, Chryseler). It that holds true, the business model of the RIAA/Big 4, which was a sinking ship before Sep08, will certainly have some scrutiny before legislation. Couple that with overwhelming projections of a poor buying season, and I can't see how the RIAA has much of a leg to stand on here.
Well, gosh, when you spin it that way, who'd let themselves be used?!
Eh, I wasn't spinning, that's how I really see it. My job as an IT person is to make sure that the network is functional for my users. My job isn't to help RIAA build a case that will be used to bankrupt one of my users based on some thin argument like "making available". Not having logs of IP assignments (or keeping those logs for very short periods of time) isn't going to be a huge hindrance to me -- so I choose not to keep them in my shop.
The RIAA and their unlicensed investigative agencies do that
Fixed that for you :)
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
I think the problem here is poor definition of "left" vs. "right."
Ask a question pertaining to abortion, and most of the answers here are "anything goes," which sounds left-wing. Ask a question about the economy, and the answers are more "government isn't your sugar daddy," which sounds right-wing.
I think the most common /. viewpoint is best described as "libertarian," which can be summed up as "leave us alone and don't tell us what to do."
How do IPs not specify identity?
They just don't.
Sure, you can build a system with multiple paths of registration and logging and authentication, but a majority of those processes can be spoofed or socially engineered.
If you came up to me with a subpoena asking who had IP address 192.168.1.X on this day at this time, even if I still had the logs on my DHCP server, it would take a significant amount of forensics (IE, an audit of every laptop my friends or neighbors own) to determine who the culprit was.
Boot Windows, Linux, and ESX over the network for free.