Slashdot Mirror
Troll Complaint Dismissed; Subscriber Not Necessarily Infringer
NewYorkCountryLawyer writes "The courts are finally starting to get it, that the subscriber to an internet access account which has been used for a copyright infringement is not necessarily the infringer. In AF Holdings v. Rogers, a case in the Southern District of California, the Chief Judge of the Court has granted a motion to dismiss the complaint for failure to state a claim where the only evidence the plaintiff has against defendant is that defendant appears to have been the subscriber to the internet access account in question. In his 7-page opinion (PDF), Chief Judge Barry Ted Moskowitz noted that 'just because an IP address is registered to an individual does not mean that he or she is guilty of infringement when that IP address is used to commit infringing activity.'"
Great news!
Now we just need a catchy slogan for his Presidential campaign in 2016 where he captures the all-important tech vote.
This needs to be held up on appeal to the 9th Circuit Court, and we can celebrate. Otherwise this is a smart District Court Judge's ruling that is only persuasive in other cases.
Many ISP's terms of service hold the subscriber responsible for any activity coming from the IP addresses that they are leasing to the subscriber, and can in those cases still be held civilly liable (albeit not criminally).
File under 'M' for 'Manic ranting'
Wow? What a revelation this is indeed.
We have finally gotten some of it! This is a great first step in making the Corps that are issuing these lawsuits to actually do their investigation.
Now, if this passes, they may try to pass laws to make the subscriber responsible (can anyone say Unprotected Wifi laws?)... which will be the never ending fight.
Is this really something to cheer about? Rah rah yay evil copyright trolls defeated! But wait... is this really fair?
The judge's ruling states that an IP address isn't sufficient information to bring a claim, and that discovery is not permitted. Doesn't that make it pretty much impossible to file a copyright infringement claim against someone for downloading a file? The only way I can think of to tie an IP address download to an individual would be to look at the hard drive of the computer to determine if the file was ever there.
The judge also points out that the owner of the wireless network is under no legal obligation to protect their wireless network from someone else using it. So it upholds the wireless network claim, although it wasn't used in this decision.
I am no fan of the copyright trolls, but I don't think making it completely impossible to track down copyright infringement cases is fair either.
Last note:
The judge granted the motion on one of three counts brought against the individual. They can refile on the first two counts if they can find a way to identify the individual, not just the IP address.
Want a simple correlation? If you force gun owners to register their purchase, and then hold the registered owner responsible for any crimes committed with that gun. Bring that up in a trial and then get your popcorn as your local politician tries to explain his loyalty to both sides.
A single IP can be used by many people at the same time. Some of them can even be out of sight of each other. This doesn't hold true for guns.
This isn't a particularly big deal. The "IP address isn't a person" argument has been brought up in cases before, but it's just never mattered. In previous cases I've read about, there was other evidence, such as the infringing material being found on the defendant's computer, or usernames related to the person's real name.
Similarly, a gun registration doesn't mean the owner's automatically responsible for any crimes, but it does certainly put the owner under suspicion, and may be probable cause for a more thorough search.
You do not have a moral or legal right to do absolutely anything you want.
By analogy, I (or more aptly, the *AA) could express astonishment that you give out your wifi password to everyone who visits your house. I don't see that being a remotely useful argument.
-- Two men say they're Jesus. One of them must be wrong. - Dire Straits
Guns can be stolen, or even "borrowed" without your knowledge or consent.
If he is significantly rural, he might not be running a wifi password at all. My brother's wifi is barely accessible outside of his house, let alone the .75 miles between his house and the nearest public road, so he does not bother with it.
In comparison, I keep a strong wifi password, as I just found out that my wifi is line-of-sight accessible from the picnic pavilion in the park across the street (literally line of sight, the router is in the living room with only a few panes of glass between).
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
Want a simple correlation? If you force gun owners to register their purchase, and then hold the registered owner responsible for any crimes committed with that gun. Bring that up in a trial and then get your popcorn as your local politician tries to explain his loyalty to both sides.
A single IP can be used by many people at the same time. Some of them can even be out of sight of each other. This doesn't hold true for guns.
With Carrier-grade NAT, a whole lot of people may be using the same IP address at the same time, and they wouldn't even have to be in the same state...
An internet connection can easily be shared between multiple simultaneous users. When 5 people can aim and fire 1 gun at the same time, I'll agree with you.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
This isn't a particularly big deal. The "IP address isn't a person" argument has been brought up in cases before, but it's just never mattered
It would be absurd to even insinuate that an IP is a person. From what I know, an IP doesn't have "life" or a "state of mind," so how can it be a person?
An IP in this context could be used to narrow down a set of suspects. In other words, it's just a set of numbers, right?
The pdf states that only claim 3 (negligence to secure ones internet connect) was dismissed. Claims 1 and 2 were deferred back to the plaintiff to provide more evidence to provide the claim that the defendant commited infringment and willingly redistributed copyrighted material. They plaintiffs have 20 days from the ruling to provide thsi evidence.
This ruling is huge.
Ever since I first got involved in fighting the RIAA's litigation campaign, and blogging about it, in 2005 [that's almost 8 years ago] I've been arguing that it is not a sufficient basis to bring a lawsuit against someone that an internet access account for which he or she pays the bill was used by someone for a copyright infringement. Even though I, and lots of other lawyers, and lots of other techies, and lots of other people from all walks of life knew this, I have never -- until this ruling -- seen a JUDGE dismiss a complaint because of this.
If those of you who are saying this is "not a big deal" or "was expected" know of any prior decisions like this, please show them to me. Otherwise, STFU about it not being big. After about 10 years and hundreds of thousands of frivolous lawsuits, finally a judge has pointed out that the Emperor is wearing no clothes.
It is one of the most newsworthy copyright posts I have ever seen on Slashdot.
Ray Beckerman +5 Insightful
If I knowingly loan one of my guns or vehicles to someone I know, or should know, to be a problem, I would expect to be held liable to some degree. If, however, someone steals one of these things or otherwise accesses them without my permission, the liability is theirs.
And what if you loan out your hunting rifle to your friend to go hunting, and they end up murdering somebody with it, should you be held responsible? What if you loan your car to your friend to go grocery shopping and they end up running a red light and killing somebody, should you be liable? I think only if you have a reasonable belief that the individual might use it for that purpose. How about if somebody steals your car or gun and does the same?
One problem with WiFi is that you don't necessarily know if somebody else is using it. In the case of a car or a gun, you generally know if it gets stolen because it's not where you left it. Sure, you can lock your doors, but somebody can always break a window. With WiFi, sure, you can always click the little password checkbox, but it's still not hard for somebody to break into it. In most situations (that is, most people with most setups) they're not going to be able to tell if somebody else was using their WiFi.
Another car analogy...if your car runs a red light with a red light camera, or speeds and gets caught by photo radar, if somebody else is driving your car then should the burden of proof lie on you to prove somebody else was driving, or on law enforcement to prove you were driving?
That's what people have been saying for over two decades... Glad common sense has won out on this one.
Yup. And yup.
Ray Beckerman +5 Insightful
Except a gun isn't wifi. Seriously, it's not a valid point. Wifi allows you to... download pirated content. Guns allow you to perform numerous highly illegal activities, as well as potentially shooting yourself if someone's really just handing their gun out to visitors.
How can you prosecute someone for infringement based on an IP address? IP address doesn't mean jack sh*t. Unless you have the person's computer with the infringing file, and video of them using said computer at the time the file was downloaded/uploaded, it shouldn't be possible to convict somebody of infringement.
If you substitute the word 'Car' for the words 'IP Address', the ruling reads:
'just because a CAR is registered to an individual does not mean that he or she is guilty of infringement when that CAR is used to commit infringing activity.'
A whole bunch of 'speed camera law' is in exact opposition to this ruling.
I think that the ruling is positive and constructive - but I also think that it will be overruled at a higher level for the exact same reasons that the speed camera law is in place.
Actually it is valid. Wifi can hacked into and used without permission to download copyright protected content (you can't pirate content as Piracy involves ships and water. No matter how much mainstream media wants you to believe you can) That is what amusing me about your point. Guns can indeed allow engagement highly illegal activities like murder, theft, kidnapping and rape. Wifi can allow pedophilia, ID theft, collaspe essential servers that control electricity, water, sewage etc which can lead to death and destruction. It was proven that a computer virus allowed the destruction ot the centrifuges that were processing the uranium for the iranians. So both can cause the same among of chaos. Actually in the right location at the right time, a open wifi point could cause more mayhem than a marksman ever could.
"stolen wifi" can't kill a clerk at the convenience store...
Michael J. Ryan - tracker1.info
I have two wifi points. One permits access to my network and is highly secured, encrypted, mac filtered, yada yada yada The other is an unencrypted point that only has access to the internet for guests to use and no internal network access. I give the trivial password to anyone who visits so they can connect their phones, laptops, tablets etc to it. The **AA can be as surprised as they like, I'm not bound by their concept of how wi-fi should be configured.
Warning: Teh poster of this messaeg is lysdexic
The MPAA/RIAA when sponsoring the creation of the copyright law change in New Zealand, managed to get it passed that the SUBSCRIBER is the person legally responsible for what happens on the account, no matter what...
and if that's not bad enough, if you're accused of downloading a file, a correctly filled in complaint form from the IP holder is deemed sufficient proof the offense occurred (3 strikes btw)... i.e, if someone accused YOU of downloading Justin Bieber - Baby.mp3 yesterday, could you prove you didn't? I certainly haven't found someone who has figured out a way
easy: IP addresses are mentioned neither in the constitution nor in the bible, which clearly mean the state can do whatever with them.
The Cloud - because you don't care if your apps and data are up in the air.
what difference does it make though ?
The Cloud - because you don't care if your apps and data are up in the air.
It can if it is used to hack a SCADA system. Granted, it would be neigh impossible to target a specific person.
When I'm using my gun, I know, beyond any doubt, that nobody else is; when I'm not using it, it's locked up securely. When I'm using my internet connection, I know I've taken reasonable steps to secure it and only allow authorized users, but I don't have the same level of assurance that those measures haven't been bypassed, and it's no more secure when I'm not using it than when I am. The number of possible users and means by which access can be gained makes all the difference.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
A single IP can be used by many people at the same time. Some of them can even be out of sight of each other. This doesn't hold true for guns.
That's not quite as true as it sounds...
"For years the city did ballistic testing on all guns that passed through their control and on all bullets recovered, however, they never did much with those records. On September 20 of 2000, the new commander of the ballistics unit reported on a statistical comparisons made possible by new computer technology. What they found, he said, indicates that the common fear about a new influx of guns flooding streets is deeply misguided. What their data base revealed was that a limited number of guns were fueling a large number of violent crimes. In an 18 month period one gun had zig zagged across the city getting involved in at least a dozen crimes until finally being recovered in an abandoned U-Haul. "
In comparison, I keep a strong wifi password, as I just found out that my wifi is line-of-sight accessible from the picnic pavilion in the park across the street (literally line of sight, the router is in the living room with only a few panes of glass between).
Get some ceramic window film installed. It'll increase your privacy and reduce your heating costs. On the downside, it'll be a bit of a problem if you use your wireless in your yard, but that sacrifice may be worth it.
Yet...
Wanna bet? VOIP + SWATting = win.
It also makes your windows look like they haven't been washed in a decade.
I'm almost positive the internet's been blamed for killing people before.
Actually that would be a very interesting configuration in court.
The **AA would not be able to prove what wifi was used to commit the offence, and it makes it even more plausible that you hand out the guest account to anyone including neighbours who perhaps had net issues once.
I guess I should have made the key part of my statement bold. That being the "at the same time" part.
This part of the decision applied only to claim 3 of negligence, which was dismissed, not to claims 1 & 2 of copryight infrigement, which were held pending further information. It appears to nix the notion that individuals are required to police Internet connections for which they subscribe, and take liability for the behavior of other users.
Mike O'Donnell http://people.cs.uchicago.edu/~odonnell/
While this is a great ruling, I've noticed a recent pattern: most of the cases where judges have come down hard on copyright trolls do not involve material from major studios. They involve pornography, often gay pornography. There are quite a few of these cases chronicled on TorrentFreak. I wonder to what extent the judges are letting their disgust of the underlying material come through in their rulings. Would they be making the same rulings if these people were accused of downloading mainstream music or films?
That said, these precedents can probably be used in other cases, even against major studios, since there is no legal distinction between large and small copyright holders and no copyright-relevant distinction between pornographic and non-pornographic content. I'm willing to take victories against the monolith of "IP" wherever they are available.
I hunted through the judge's decision, and could not find where he forbade discovery. I found that he required some alleged facts actually connecting the defendant to the alleged infringement. He didn't require evidence at this stage, merely a statement of a plausible specific claim that the Plaintiff possessed some evidence associating the Defendant with the alleged copyright infringement. From the judge's decison, a footnote:
It appears to me that the judge was requiring Plaintiff to explain in a bit of detail the reason for associating the defendant with the alleged copryight infringement. Elsewhere, the judge mentions that the Plaintiff has not even alleged specifically that the IP address in question is associated in any particular way with Defendant:
So, it appears (pending a reading of the complaint, to see whether the judge described it correctly) that Plaintiff sued Defendant, mentioned "68.8.137.53" as though this were relevant, but did not explain the connection between that number and Defendant, and the judge required an explanation. There is more in the decision to indicate that a mere registration of the number would not suffice, but no indication at all that Plaintiff's ability to discover additional facts is actually inhibited if they can provide a plausible explanation.
Mike O'Donnell http://people.cs.uchicago.edu/~odonnell/
Well, I do know what "discovery" means (Wikipedia entry). The judge indicated that Plaintiff had not explained allegations well enough to justify certain types of discovery. By no means did he say "that they are forbidden from obtaining any more evidence or doing any more research." "Discovery" means requiring others, including the opposition, to deliver information that may support the case. Plaintiff had, and was apparently already using, other means of obtaining evidence and doing research. As I understand the decision, Plaintiff must explain a plausible case well enough to justify placing that burden upon others, and the judge ruled that Plaintiff had not done so.
Mike O'Donnell http://people.cs.uchicago.edu/~odonnell/
My state has no gun registration.... on purpose. Private person->person sales are just peachy and require no registration. Purchases at a gun store are registered so the gun shop owner can keep his FFL but after initial purchase, guns can be sold time and time again and end up in some pawn shop somewhere. And ya know what? I like it that way.
I have hunted the 7-page decision in vain for the spot where the judge forbade Plaintiff "to do any investigation that would help ... ." The judge merely required Plaintiff to mention some alleged facts that, if proved, would associate Plaintiff with the alleged copyright infringment. According to the decision, Plaintiff merely mentioned an IP number, and did not even claim that it was associated with a service subscribed to by Defendant. Plaintiff was at liberty to do all sorts of other investigation, or merely to share with the judge the details of earlier investigation. Until then, the Plaintiff would be unable to demand that Defendant or other parties (such as ISP) do the investigation for Plaintiff under the rules of discovery.
Mike O'Donnell http://people.cs.uchicago.edu/~odonnell/
You're just not hitting the clerk in the head with the wireless hard enough.
There was no form of IP masquerading or NAT in 1990. RFC 1287 in 1991 had some suggestions leading toward NAT. In 1993 RFC 1918 defined the non routable private use IP ranges and in 1994 RFC 1631 defined and established NAT. There may have been people saying an IP does not equal a person in relation to intellectual property theft back in the mid 90's but I doubt that number of people was more than a handful. If Google newsgroup archive search was worth a fuck I'd try to search for those handful.
The only way that a Plaintiff could obtain the evidence needed is with a subpoena. The judge dismissed the case before allowing any subpoenas to occur. Therefore the judge forbade the Plantiff from doing any useful investigation.
That's not what the decision says. The judge did not dismiss the 2 copyright infringment claims. He did not require evidence. He required before proceeding that Plaintiff reveal information, which Plaintiff claimed to possess already, linking Defendant to the IP number. Plaintiff dropped the suit without revealing that information. Subpoenas are by no means neccesary for all forms of investigation. There was no indication of a request for a subpoena of ISP registration information. The judge noted that Plaintiff had not even stated that the IP number in question was registered in any way to Defendant. Accepting the judge's statement (I did not check it against the actual complaint), Plaintiff merely mentioned the IP number, alleged that it was involved in an alleged copyright violation, accused Defendant of that copyright violation, but did not even mention any alleged connection between Defendant and the IP number, much less any other detail regarding Defendant's actual behavior. The judge did not require evidence, merely plausible statement of the evidence that Plaintiff expected to produce.
Mike O'Donnell http://people.cs.uchicago.edu/~odonnell/
Two people can't use the same IP address at the same time either - your packets are interleaved.
It just so happens that your packets are interleaved on the microsecond scale while gun use is interleaved on the order of hours/days/weeks.
paintball
How many gun owners let other people use their guns?
Nancy Lanza did.
Moral of the story: secure your weapons better than your Wifi.
The gun analogy doesn't fly... An IP can be abused or shared without actual knowledge. This is much harder with a physical item like a gun.
Remember - not only can members of a household share an IP and not only can wireless access be hacked/abused to allow unknown external parties to participate in the sharing - external parties also hook into the network either by ethernet cable or through a rogue access point hidden somewhere. This has actually happened in real life.
The judge got it right: You cannot use an IP to unique identify the user of that IP. Too many possibilities for abuse and/or misidentification.
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
What if the case involved a home owner? Someone got killed in a backyard, so the owner of the house has to be the one who's guilty. No trial needed.
Someone got killed in a backyard, so the owner of the house has to be the one who's guilty.
Guilty? I think the word is too strong. A suspect would be more appropriate. No trial needed? Hmm... The word "got killed" is very vague. There could be tons of reason how the situation occurs on the owner property -- when it happened, how it happened, any witnesses, etc. -- so there will be an investigation. Usually, as I have seen in the U.S., there would be a trial for this kind of cases when (and in most cases) the owner does not admit the crime and hire a lawyer. Your analogy is quite off.
So why should someone else be bound by the GP's notions of whether and how guns should be loaned out?
-- Two men say they're Jesus. One of them must be wrong. - Dire Straits
This has always been I question of mine in these court cases. How do they correlate IP Address to User Login? Do they subpoena records from the ISP? Are the logs from an ISP sufficiently accurate to say that a User is logged in on a specific IP at the time the infringement occurred?
What percentage of guns do you think are securely locked AND not bought w/o background checks ? Judging from recent events: very few.
The Cloud - because you don't care if your apps and data are up in the air.
What percentage of guns can be taken from inside the home they're sitting in, locked up or not, without setting foot in that home? The analogy just doesn't fit, quit trying to force it.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
It does fit, on whethter owner/seller = responsible for use
The Cloud - because you don't care if your apps and data are up in the air.
If you own a car, you have an alarm on that car, you put The Club on that car, you lock that car, you keep that car in a locked garage, and you keep those keys on your person at all times; you know, every reasonable security measure; and that car is stolen and used in a crime or involved in an accident, you are not liable. In fact, you can to much less to secure that car (pretty much anything that doesn't involve leaving the keys in it or handing the keys over to someone else) and still not be held liable for the actions of another party who used your vehicle.
This is very similar to an internet connection, in that it can be secured or not secured, used with permission and used without permission, even used with or without your knowledge, and the rules of liability should be similar, as well.
To blow another large hole in your gun analogy, I'd like to point out that, in most jurisdiction within the US, if it can not be proven that you fired the gun, it must be proven that you willingly supplied the gun to whoever did fire it before you will be held liable for the results of that firing. [primary source: my father in law, credentials withheld due to active duty status (nonmilitary); secondary source: my coworker's stepfather, a recently retired cop; tertiary source: my coworker's mother, a recently retired police dispatcher] Even your analogy indicated that the "owner" of an internet connection should not be held liable for the use of that connection to commit an infringement unless, as is the case with a car or gun, it can be proven that they, or a party they explicitly authorized, were, in fact, the one who used that connection to commit said infringement. The laws governing liability for acts committed with firearms and vehicles do account for security, as well, in that they do place liability on the shoulders of the owner if a vehicle is left with the keys in the ignition or a gun is left sitting out in the open, or similar situations where parties not explicitly authorized by the owner may have easy access; the law places liability on the owner in those cases, and I agree that similar laws regarding internet connections should place liability on the "owner" of the connection when an ethernet port is left in an unsecured location (e.g. unlocked utility box on the side of the building) or a wireless router is left unsecured. The flip side of that is that, if steps are taken to secure the resource, just as with firearms and vehicles, liability should fall on the party who circumvented those measures and used the resource without the permission or knowledge of the "owner".
The law is already very clear on this, but for some reason people get confused when you throw in the phrase "on a computer". See: USPTO.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.