Slashdot Mirror
UK Anti-Piracy Firm E-mails Reveal Cavalier Attitude Toward Legal Threats
Khyber writes "A recent DDoS attack against a UK-based anti-pirating firm, ACS:Law, has resulted in a large backup archive of the server contents being made available for download, [and this archive] is now being hosted by the Pirate Bay. Within this archive are e-mails from Andrew Crossley basically admitting that he is running a scam job, sending out thousands of frivolous legal threats on the premise that a percentage pay up immediately to avoid legal hassles."
Is this surprising at all? I don't think anyone would be shocked at this...
I am however suprised that the con-man admits its a con.
That's not usually a smart move... But then again... how smart can they be if they put it into emails. let alone had their emails all made public... :P
A recent DDoS attack against a UK-based anti-pirating firm, ACS:Law, has resulted in a large backup archive of the server contents being made available for download
The DDoS has nothing to do with the server archive being stolen and made available. They are two separate events that were done at the same time by the same group of people.
I've gotten, umm.. a dozen or so cease and desist letters over the years.. my response to every single one of them has been to ignore it. No response. They never follow up. Why would they? It's a fishing game, the only way they can get you on the hook is if you take the bait.
How we know is more important than what we know.
The submission is a little inaccurate. Crossley didn't admit, even implicitly, to deliberatly running a scam. What he has admitted is that the data upon which ACS sends out it's threatening letters is of poor quality and riddled with inaccuracies so severe even the clients are complaining - but even though he knows that many of those he accuses are innocent, he threatens them anyway because it's faster and cheaper than producing accurate data. Instead, ACS just threatens to sue anyone who criticises this practice for libel. I imagine that works very well, given that the UK arrangement of libel law is quite infamously written in favor of the plaintiff.
And probably all rendered inadmissible in court because they were obtained illegally. Way to immunise a guy against an awful lot of evidence.
I know someone who was threatened by ACS:Law. As with all things serious, we researched it and discovered it was likely a scam, and this was WAY before they were news-worthy. The threat was ignored, except for a polite response, and nothing else happened. If you pay up, you're a moron. If you think this will stop such companies, there are no shortage of other morons willing to pick up such easy work, and they don't even need to be anywhere near a lawyer themselves.
DDOS, hacking, etc. isn't doing anything but legitimising their actions should they go to the mainstream media. Just ignoring their threats and/or inviting them to court, as any sensible person would do (and have done - ACS:Law are under investigation by various high-level UK legal authorities for legal irregularities) does infinitely more.
The guys an scamming idiot, but it's like a playground fight here - I can guess how much a moron he is without having to break into his personal emails and just because they might reveal he is an asshole doesn't mean that you've "won" anything against anti-piracy lawsuits or even against legal threats with zero evidence. All you've done is become nothing more than a publicity generator. How long before I see on the news: "Pirates hack into law-firm's servers, distribute private emails, law-firm says it's represents the mindset of the people they are chasing".
It was a chain of events, which was triggered by the DOS. According to what I read, in the process of countering the DOS, the default home page was briefly moved. This exposed a listing of the root directory, which happened to contain a backup image, which was rapidly grabbed by the DOSers.
From TFA: "Email evidence that ACS:Law deliberately does not target two UK ISPs, TalkTalk and Virgin Media"
That's interesting. I'm with Virgin so that's nice to know. I wonder why these two?
Perhaps they don't cave as easily as the others.
Or perhaps those ISPs *have* caved, and started passing information direct to the studios
meaning there's no need for ACS:Law to target their customers
It's the same strategy used by police and councils, sending out fines with threats of prosecution for minor motoring offences. Realistically the case is unlikely to go to court, but people pay up anyway because: (1) they want to avoid the months of worry, waiting to find out if they are taken to court or not; (2) often the case would be heard hundred of miles from their home and, even if they win, they can't recover their travel / accommodation expenses; and (3) the court system is notoriously biased against the motorist and appeals are expensive and complicated.
This isn't as off-topic as you may think. People have been convinced by government / police campaigns that paying the fine is "the done thing". For example, someone driving at 67mph in a 60mph zone may be faced with a £30 fine, but if they let it go to court they risk getting 6 points on their license (halfway to losing it!) and a fine in the thousands.
This is what the copyright enforcement industry is now trying to achieve: A form of "justice" based on fear. Not fear of a fair punishment for a genuine offence, but fear of being put in to a situation where right or wrong, win or lose, people suffer significant financial loss and a great deal of worry.
It's the sound of the copyright lobby having another heart attack.
/. had an article on the fact that RIAA spent $16m to recover $391,000 in 2008. It was worse in 2007, when they spent $21m and only recovered $516,000. I know it's been all over the place at various points. Add in the frivolous lawsuits, DDoS attacks and harassment of uninvolved individuals, and the whole copyright lobby looks like an organized crime syndicate.
When will the governments of the world finally say "Enough is enough" to these clowns?
It's not like all this litigation and threats are profitable or anything. I believe
you cant even spell 'bay' correct. yet, you bullshit us over it being fake.
... do you actually know ANY shit ?
fake emails with full headers
Read radical news here
can it be that because virgin is also a big boy music/media player ?
Read radical news here
In what dream world would there ever have been a case against him to begin with? "oh noes, it's rendered inadmissable". Wake up from your fantasy, it's this or it'd never even surface AT ALL.
No, it's a safe bet that destroying his business and his name IS in fact the winning move. As can be seen, he was already being doubted by his clients ("rights holders"), this will likely mean he's dropped like a hot potato. No clients, no income, no income no "Lambo".
Not saying it'll really change anything, but at least one more Douche is getting what he so justly deserves.
Not this quickly. It would take weeks of work by a team of experts to put something like this together convincingly.
I once read on the Internet about a guy who sent a bunch of random invoices to mid-size companies and a few of them got paid.
Don't know if it's true or just an Internet story ...
No sig today...
Oh I wish I could taste Crossley's tears right now.. This is going to be big.
There is a difference!
http://en.wikipedia.org/wiki/Extortion
Extortion, outwresting, and/or exaction is a criminal offense which occurs when a person unlawfully obtains either money, property or services from a person(s), entity, or institution, through coercion.
http://en.wikipedia.org/wiki/Coercion /korn/) is the practice of forcing another party to behave in an involuntary manner (whether through action or inaction) by use of threats, intimidation, trickery, or some other form of pressure or force. Such actions are used as leverage, to force the victim to act in the desired way.
Coercion (pronounced
No, you're being confused by the Virgin name. Virgin Media (the broadband provider) was sold to NTL. Although Branson owns shares in the company, it's not the same company as the record label -- indeed Virgin Media pay Branson a yearly fee just to use the Virgin brand. Further, the Virgin record label was sold off to EMI years ago.
Perhaps there's a difference legally, but I don't see any difference for the common man.
"Pay us $5000 or else be prosecuted," is extortion in my mind, especially since it involves money. The law firms are acting like members of The Family. "Pay us money or else we'll rough you up."
"I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
Or so my lawyer friends say, telling me a lawyer must faithfully target the client interests -- without any prejudice.
All fine and dandy, but does a judge work like this? Isn't a judge not bound to consider the social context?
Another similar and related example of law misappropriation is patents: who, being sound of mind, would propose to give anyone legal instruments to avoid innovation or to secure market niches? Of course, implementations can and must be protected -- but how did we come to phrases like "innovation must be left to the private sector" or "our corporation is the most innovative (implying others don't need to be) and we'll fiercely pursue or IP rights (implying some group has exclusive rights over human knowledge)"?
It's understandable that one country seek economic advantage from retaining knowledge (in itself a debatable concept, since it probably leads to greater overall ignorance and loss even to said country), and that may work if such nation also has means to enforce such selfish control. OTOH, can it be done? That's harder to do than managing the proverbial herd of cats.
All this behaviour is going to be repeated when another country step up to the leading role... and I wonder how current corporations will fare at China's PTO?
Just a thought, and I am not really too up on it, but by allowing peoples details to be leaked, including address, phone number, account numbers etc isn't this company negligent in its duty to keep such information confidential.
If I was an "Infringer" I would be asking how much for ME to go away after you really screwed up by not even having rudimentary security in place as is required by the DPA and peoples details downloadable my poor data hygiene.
http://www.writeitfor.us - Writing IT for the IT generation.
"Branson owns shares in the company" - there.
Read radical news here
Common man difference is the follow through.
Extortion:
Pay us or we will break your legs
No
Snap, Crackle, Pop
Pay us or we will break your legs
OK
Coercion:
Pay us or we will break your legs
No
OK Bye
They lost, Cromwell and his Roundheads won, and Charkes I was executed...
Stores had a policy of catching teen-age shoplifters, then sending their parents a demand letter saying they wanted $300 for some nebulous "costs". The judges rightfully threw it out. When someone does you harm, you're entitled to be compensated. You may even be entitled to exemplary damages. However, unless there's an amount that is set by statute (which is why they're known as "statutory damages"), you can't just "pull a number out of the air."
Trying to get what you, as a lawyer, should know the law does not allow, is extortion because your threat of legal action is being used to commit a crime. You no longer enjoy the "except threat of legal action" exemption.
Ignoring a cease-and-desist letter that has proof of delivery can hurt you if you are in the wrong.
It's much harder to claim that the plaintiffs sued you "out of the blue, with no warning" for one thing.
If you are in the right, or if the underlying law is unsettled, ignoring them may be the best thing to do - but check with a local lawyer with expertise in that area to be sure. I am not a lawyer and this is not legal advice.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
It's not fake.
And you're still out of a job...
AHAHAHAAHAHAHAHA.
Sucks to be you.
And i mean really... did you think it would work like that forever? i mean hell.. the IT people you had are stupid enough to leave a backup sitting in a root directory.... that's just fucking stupid... you were in way over your heads.
No, you're being confused by the Virgin name.
On /. the word 'virgin' usually has a completely different meaning ;-)
The emails contain spreadsheets with real people, with real adresses and their IP, containing which (adult) torrent they are charged with.
There are also pdf's containing FULL Credit card information.
By the leak they exposed themselves with private information.
Can't they be sued over that?
Don't be - we have a well established history of people being refreshingly honest in the UK.
I'd probably send a "fuck off" reply
Please, if you are replying to a legal letter the correct response is "I refer you to the reply given in the case of Arkell v. Pressdram".
TalkTalk definitely haven't - they were quite vocally opposed to the Digital Economy Act, and have publicly stated that they will never surrender customer's details unless presented with a court order.
TalkTalk definitely haven't - they were quite vocally opposed to the Digital Economy Act
I still find it odd that the boss of TalkTalk is heavily against the Digital Economy Act, but had no problem tracking all of his customers.
the practice of forcing another party to behave in an involuntary manner (whether through action or inaction) by use of threats, intimidation, trickery, or some other form of pressure or force
And this is not what happens? Let me guess: they pay up in a voluntary manner after being threatened with lawsuits.
"A recent DDoS attack against a UK-based anti-pirating firm, ACS:Law, has resulted in a large backup archive of the server contents being made available for download, [and this archive] is now being hosted by the Pirate Bay.
No, it's not. Last time I checked, Pirate Bay didnt host that kind of content, only _the information_ on how to get to the content. When did we start to get it wrong even on /.?
If that were true, more of these sham companies would "leak" this kind of info, making themselves immune from prosecution by claiming that everyone who has this information clearly must have obtained it illegally.
Your response? "No, because if it's well known, there will be more parties subpoenaing this information."
Well then, the information will become known and the sham companies will be more easily prosecuted, won't they? So this is clearly a good thing.
I concurse, frabricrated on teh xetremely side for maincure, on untreat spreed among flowering piddle on justice wings
Have mercy on teh anima!
And how, pray tell, do you know in advance whether the guy casually dropping a baseball bat into his hand is going to follow through on his threat or not?
-=This sig has nothing to do with my comment. Move along now=-
The difference is that people are supposed to be able to trust the legal system. "Be prosecuted" shouldn't be a threat if you're innocent, and the fact that it is is a huge damnation of our system.
Don't watch their films or buy their music.
It's all poisonous, propagandistic crap anyway.
you had me at #!
While 'bad kings' Bush, Cheney and Blair (and hundreds of others - including Kissinger) have certainly earned beheading for their crimes, they won't even be brought before a court. That's progress!
you had me at #!
But the fact that this firms emails might be the first part of showing a pattern of improper behavior by these firms in general.
If you could show that these firms tend to behave recklessly you might be able to have a shorter trial, hit them for damages, etc.
Not sure, but in some countries, breaking the law removes the corporate shield from your assets too so people can go after your personal assets.
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
Heck, you don't even need to have a real gun.
You don't even have to have a fake gun.
Just the act of saying "I have a gun" is sufficient to be charged with armed robbery once they give you the money.
However, when they step beyond the bounds of the law - for example, threatening to sue for monetary damages without actually being able to show any monetary damages OR statutory damages, and falsely claim to have forensic evidence, when the server logs in question were not yet properly analysed (sorry, but saying that a log shows that ip 11.22.33.44 was used at such-and-such a date, without any analysis having been performed to see if the date and time are correct, that the traffic transmitted was actually the content in question, and that the ip matched that person's computer (not their account), and falsely claiming that it is illegal to have an open wifi connection, they are now into extortion.
It's why they're being investigated.
Hey, there's an Apple story on the front page. Shouldn't you be pissing all over that?
Actually I do get it, that was my exact point. If someone's making a threat it doesn't really matter whether it's coercion or extortion as you have no way of knowing if they're going to follow through with the threat.
-=This sig has nothing to do with my comment. Move along now=-
Yes: userID > 300000.
Extortion is a form of coercion (notice how coercion is even in the definition of extortion), which itself falls under the legal doctrine of "duress".
It's because they've both publicly stated that they will challenge requests for subscriber information that don't come complete with a court order - see this Torrentfreak article from a few days ago.
"While we all know that an ISP must comply with a court order once it’s issued, Plusnet and virtually every other ISP in the UK are giving the likes of Gallant Macmillan and ACS:Law a free ride by agreeing not to contest in advance."
For your secondi definition, if you actually look at the link you provided, it is a definition of forensic science, which is not the same as forensic evidence. ACS law did not assert that there was any forensic science used.
There are also forensic accountants -- where's the science in that?
How about Webstter:
See any mention of science there?
Which has nothing to do with my point that to be "forensic", there is no requirement for science to be involved (which you, moron, clearly asserted).
He had an email receipt of purchase from Itunes for "Ke$ha - Tik Tok"
Well let me point this out from Canada. In Canada coercion is illegal(unless it falls under a very limited set of exclusionary rules), and extortion is illegal. Don't do it, don't do it at all here. We will come down on you hard.
Om, nomnomnom...
The first costs money. The second makes money.
Don't fight for your country, if your country does not fight for you.
Yes, but the "Virgin record label was sold off to EMI years ago."
In the UK, it's called "Monies by Menace."
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
What they got from BT is not admissible without human testimony. So, sop being stupid.
They have NO "forensic evidence."
They do not.
They don't have any such "forensic evidence" - all they have is a statement matching an IP to a user account. That does not, by itself, prove anything. Heck, it's not even admissible in court without a witness to testify to it.
Their claim that an open wifi is illegal is equally bogus.
Maybe you should read their demands first.
It's like shooting fish in a barrel here. Go back and read your own post:
and ? emi is, in case you dont know, one of the 4 biggest media/music companies around the world...
Read radical news here
TalkTalk's reaction to all requests for information and to Mandelson's industry blowjob bill has been a robust Foxtrot Oscar.
Despite their dismal support and the fact that they'd upsell you your own mother if they could it's remains a very good reason to stick with them.
No, you still don't get it. It's the accusation itself that's the issue, whether they're going to follow through or not is a different story altogether. For instance, if you're accused of CP, then you're done for, even if it's proved you're innocent.
And EMI do not own NTL. There is no connection.
>>>"Be prosecuted" shouldn't be a threat if you're innocent,
So ignorant. LOTS of innocent people go to jail (sometimes for 20-25 years until DNA proves they did not commit the crime). And even innocent people are not innocent thanks to our morass of laws that make nearly-everything a crime.
"I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
"Be prosecuted" shouldn't be a threat if you're innocent,
Seriously? You couldn't finish reading that sentence to realize I was making your point? If a comment is only 2 sentences long, you might want to read both of them before rushing off to insult someone.
connection ?
the war on sharing is overseen and perpetuated by 4-5 big media groups in usa. riaa is their tool in usa. in all other countries, they use national equivalents of ria, through their subsidiaries or local media groups they have affiliations with or influence over. did you think these were individual actions ?
Read radical news here
Sorry, I thought you had read my original post above in this thread. EMI own Virgin Records. NTL own Virgin Media (the broadband provider). There is no link there. Hey, Virgin Media can collude with *iaas, I don't know, but I do know the label and the telco share only a name.
The entire modus operandi of ACS Law depends upon the involvement of law agencies, in that the interpretation of IP addresses into physical addresses relies upon legislation that essentially obliges ISPs to cave in and supply addresses, rather than protecting their customers' privacy. There is an exactly parallel process at work in private parking enforcement in the UK. DVLC (in theory at arm's length from government) translates vehicle licence plates into owners' addresses for private parking enforcers, who then send out extortion letters (without a valid basis in law) essentially the same as ACS Law use. Most people reading this will react along the lines of "You have nothing to fear if you park considerately". Alas, no, I can cite chapter and verse of a scam operation that deliberately targets parked vehicles that are vulnerable (for a particular reason that it would be best not to spell out). The core fact is that the operation of certain laws creates a business opportunity for low-lifes to exploit.
Nor did Sky, it's just that Sky colluded with ACS:Law to not oppose the order. That sort of thing is absolutely fatal in an adversarial system, especially where the defendant is really a proxy for defending a third party who would prefer that they be vigorously defended. I don't see how Sky isn't 100% liable, having taken the decision not to inform their customers that an order which would harm them had been applied for, for any damage caused by their less-than-optimal attempt to fight it off.