
Programmer Challenges RIAA Investigators

NewYorkCountryLawyer writes "In court papers filed today in Manhattan federal court, programmer Zi Mei has slammed the investigation on which the 'ex parte' orders obtained in the RIAA's cases against consumers are based. Armed with Mei's affidavit, a midwesterner -- sued in Atlantic v. Does 1-25 in New York City as 'John Doe Number 8' -- has asked the judge to vacate the 'ex parte' order on the ground that the RIAA doesn't have the evidence it needs to get such an order. If Doe wins, the RIAA's subpoenas to the ISP, for its subscribers' identities, will be thrown out."
This discussion has been archived. No new comments can be posted.

  • ex parte (Score:5, Informative)

    by Black Parrot ( 19622 ) * on Thursday December 29, 2005 @08:42PM (#14361697)
    Here [lectlaw.com] is an explanation of "ex parte".
  • Ex Parte (Score:5, Informative)

    by Shadow Wrought ( 586631 ) <shadow.wroughtNO@SPAMgmail.com> on Thursday December 29, 2005 @08:42PM (#14361699) Homepage Journal
    IANAL, but have been paralegalling for a few years now. Ex parte is the term used when one side in a case speaks with the Judge without the other side being privy to what is said.

    If he can get this tossed it would be a pretty big blow to the RIAA's case.

  • Re:ex parte (Score:4, Informative)

    by eatmadust ( 740035 ) on Thursday December 29, 2005 @08:50PM (#14361730)
    or here [wikipedia.org] on wikipedia.
  • by dark404 ( 714846 ) on Thursday December 29, 2005 @08:59PM (#14361760)
    except that this is a civil case, not a criminal one, and a motion for discovery not a request for a warrant.
  • documents (Score:2, Informative)

    by hylander_sb ( 181045 ) on Thursday December 29, 2005 @09:02PM (#14361775)
    Any mirrors of these documents? I'm getting empty files on their site.
  • Re:what the fuck (Score:4, Informative)

    by BrynM ( 217883 ) * on Thursday December 29, 2005 @09:12PM (#14361810) Homepage Journal
    Right now the RIAA is the only person...
    Never say that.
  • alternate link (Score:2, Informative)

    by Anonymous Coward on Thursday December 29, 2005 @09:20PM (#14361841)
  • by redwoodtree ( 136298 ) * on Thursday December 29, 2005 @09:33PM (#14361899)
    programmer Zi Mei has slammed the investigation on which the 'ex parte'

    No.... actually, programmer Zi Mei's LAWYER has slammed the investigation. Unless he's a lawyer and a programmer of course, in which case it should say "programmer and lawyer..." But I digress.

    What I'm trying to say is, I'm no fan of lawyers, but let's give them a little credit here and say that they've come up with a good way to defend this Mei guy. If anything Mei can afford a good lawyer, yay!

    ...........Anyway... back to digging for slugs....

  • by TheSkyIsPurple ( 901118 ) on Thursday December 29, 2005 @09:33PM (#14361900)
    I keep getting 0 bytes files... even from coral cache...

    I really want to read what was filed for this
  • by rodentia ( 102779 ) on Thursday December 29, 2005 @10:04PM (#14362045)

    No, actually, Zi Mei is a programmer hired by lawyers for John Doe #8, party to Atlantic vs John Does #1-25, to investigate and give expert opinion upon the RIAA's evidence gathering. Mei hasn't been accused of anything.

    Read before you pick.

  • Re:wrong wrong wrong (Score:1, Informative)

    by Anonymous Coward on Thursday December 29, 2005 @10:28PM (#14362154)
    Who put them there? are they legal? How many people use that computer?

    Anonymous ISP here again... funny story to share about the "who put the file there" comment.

    About a year ago summer, the customer service manager referred a customer issue to me (I get all the fun ones that deal with policy issues as CSO). I should mention the process we use - we actually (hold onto your chair) presume our customer is innocent first. The process we developed (and reviewed with counsel) does the following when we get either a DMCA inquiry or an internally-generated incident request from NIDS monitoring (usually from P2P server operation or serious P2P client over a threshold).

    Step 1. Collect basic data and confirm from traffic flows. We're PPPoE throughout our network into an MPLS fabric, so it's pretty easy for us to redirect a stream for analysis from anywhere in the network to an analyzer. We don't go into the traffic other than looking at what it is and confirming/rejecting the information of P2P flows. (Always, always document these processes too - it'll save your ass someday since courts and judges do give a bit of discretion to those who exercise diligence in their practices).

    Step 2. Contact the customer via phone (with followup email for legal requirements - just to CYA). We let the customer know what's going on. Like I said previously, it's almost always a minor child who's installed P2P. Occasionally I have an adult who I have to explain the issues of P2P server mode being like driving 110 MPH in a 45 zone per getting attention. Simply downloading won't get our attention, but they do need to be aware that it can get the RIAA's and if they have good evidence and comply with the notification provisions, we will have to pass along the customer's info. (Hint: Be discreet and don't be a P2P pig! Drive with the flow of traffic!!!)

    So anyway, we had one of the server type incidents and helpdesk called and notified a parent. I got the call back from the mom, demanding to speak with a company officer about our behavior. Figuring we had someone unaware of DMCA and just needing to talk with, I called mom up.

    Mom proceeded to tell me that she had talked with her 15-year-old son after she investigated the PC and found gigabytes of porn on the family hard drive. However, the son explained that the ISP put it there, since that's the "only way it could have gotten there." I was actually being threatened with lawsuits from mom about our allegedly hacking in and forcing her 15-year-old kid to watch all this stuff.

    I kindly (holding back the laughs) told mom that if she really believed this to be the case, we'd need to have authorities immediately take the PC as evidence and conduct a forensic audit on the contents. Of course, if it was determined that her son put it there...

    As always, you can help most people out but occasionally you get a nut!

  • Re:what the fuck (Score:3, Informative)

    by Krach42 ( 227798 ) on Thursday December 29, 2005 @10:33PM (#14362187) Homepage Journal
    http://en.wikipedia.org/wiki/Legal_entity

    Courts deal with "persons", which are actually legal entities. It just so happens that in the vast majority of cases, legal entities are confined in squishy tissue boundaries.

    But there are a number of "persons" who can appear before court that aren't confined in squishy tissue boundaries. (btw, that's a real legal term... squishy tissue boundary...)

    sorry, I just got totally sidetracked there...
  • Gramm Leach Bliley (Score:3, Informative)

    by TubeSteak ( 669689 ) on Thursday December 29, 2005 @11:27PM (#14362419) Journal
    http://www.ftc.gov/privacy/privacyinitiatives/glbact.html [ftc.gov]

    The Financial Modernization Act of 1999, also known as the "Gramm-Leach-Bliley Act" or GLB Act, includes provisions to protect consumers' personal financial information held by financial institutions. There are three principal parts to the privacy requirements: the Financial Privacy Rule, Safeguards Rule and pretexting provisions.

    The GLB Act gives authority to eight federal agencies and the states to administer and enforce the Financial Privacy Rule and the Safeguards Rule. These two regulations apply to "financial institutions," which include not only banks, securities firms, and insurance companies, but also companies providing many other types of financial products and services to consumers. Among these services are lending, brokering or servicing any type of consumer loan, transferring or safeguarding money, preparing individual tax returns, providing financial advice or credit counseling, providing residential real estate settlement services, collecting consumer debts and an array of other activities. Such non-traditional "financial institutions" are regulated by the FTC. ...
    I think the defining part of the above description is: financial products and [financial] services to consumers.

    I'm not sure how this applies to ISPs in any way shape or form.

    My ISP doesn't provide a financial service...
  • by jrockway ( 229604 ) * <jon-nospam@jrock.us> on Thursday December 29, 2005 @11:39PM (#14362467) Homepage Journal
    > My ISP doesn't provide a financial service...

    Your online banking information magically appears on your computer, then? Funny... I thought it went over your ISP's wires.
  • by JesseHathaway ( 924921 ) <noneprovided@no[ ].com ['nya' in gap]> on Friday December 30, 2005 @12:56AM (#14362742)
    ...the RIAA should have to be forced to show the actual loss in revenue from each song, and where do they come up with the numbers they sue people for.
    This Harvard Business School/UNC-Chapel Hill study tackles this question of whether the RIAA's bellyaching is warranted, and is quite interesting.
    To sum it up, it found that file-sharing actually increased the sales of albums which contained the most popularly downloaded tracks, contrary to the findings of an earlier study.

    From the Oberholzer/Strumpf study (March 2004):

    We consider the specific case of file sharing and its effect on the legal sales of music. A dataset containing 0.01% of the world's downloads is matched to U.S. sales data for a large number of albums. To establish causality, downloads are instrumented using technical features related to file sharing, such as network congestion or song length, as well as international school holidays. Downloads have an effect on sales which is statistically indistinguishable from zero, despite rather precise estimates. Moreover, these estimates are of moderate economic significance and are inconsistent with claims that file sharing is the primary reason for the recent decline in music sales.

    TFA:
    http://www.nber.org/~confer/2004/URCs04/felix.pdf [nber.org]
    For those who wish to read it in a non-annoying format:
    http://scholar.google.com/scholar?hl=en&lr=&q=cache:u2jUjTCu3-0J:www.nber.org/~confer/2004/URCs04/felix.pdf+author:%22Oberholzer%22+intitle:%22The+Effect+of+file+sharing+on+record+sales:+an+empirical+...%22 [google.com]
  • by Sancho ( 17056 ) on Friday December 30, 2005 @02:34AM (#14363099) Homepage
    Exposition: I am a network security analyst for a university. We have a group that solely handles "incidents" such as copyright infringement, spam notices, etc. That team delivers (and probably filters) incidents to the security group, who then scan the firewall logs for any evidence of network activity with the intersection of the timestamps, IP, and ports reported. We then return that information plus the name of the alleged infringer to the incident team.

    I don't know if the RIAA uses multiple firms or if the incident team filters out the infringement notices, but I have never once received a notice without a timestamp. The notices I receive have the IP, timestamp, ports, p2p network, and infringing filename. We occasionally get the IP address that detected the infringement, too.

    This tells me one of two things: 1) You're exaggerating or outright lying, because every notice I receive has the appropriate information.
    or
    2) The incident team returns notices which do not include the necessary information, in which case your ISP could do the exact same thing.
  • by Anonymous Coward on Friday December 30, 2005 @03:08AM (#14363222)
    It's called a citizen's arrest and in most states it is quite legal and depending on what state you live in it is your legal obligation to arrest that neighbor.

    http://www.constitution.org/grossack/arrest.htm [constitution.org]
    http://www.ou.edu/oupd/selfarr2.htm [ou.edu]
  • Re:ex parte (Score:4, Informative)

    by thebdj ( 768618 ) on Friday December 30, 2005 @08:28AM (#14363930) Journal
    Ok here is the most recent info I found:

    agricultural products (soybeans, fruit, corn) 9.2%, industrial supplies (organic chemicals) 26.8%, capital goods (transistors, aircraft, motor vehicle parts, computers, telecommunications equipment) 49.0%, consumer goods (automobiles, medicines) 15.0% (2003)

    The entertainment industry would fall into that 15% for "consumer goods", which means that over 85% of the US exports have absolutely nothing to do with American entertainment. Don't forget, many countries think our music sucks about as much as we think theirs does. As a side note, by the 2004 numbers the US is the 2nd largest exporter of goods at $795 billion. Germany is the only single country who exports more. The EU exports $1,109 billion, but they are not a single country, but if you did count them that makes the US 3rd.

    Despite what you might think the US still makes a good chunk of change on its exports and not so much of it would be the entertainment industry. I think what you mean is that the US imports more than it exports, which is quite true, but this is largely because we are a huge consumer. I think the only category listed above for which we are considered a "net exporter" is the Agriculture industry.
  • by Anonymous Coward on Friday December 30, 2005 @09:16AM (#14364054)
    That's because your incident team probably bins the ones which don't follow the basic rules, otherwise as a university you'd be dealing with something like 100-500 notices a day. (But yeah, none of the notices I've seen actually follow the DMCA to the letter.)

    There are several different contractors handling this. For example, BayTSP and MediaSentry both handle automated (yes, they're automated or at the very most click-monkeyed with no verification) takedowns. But so far, only "evidence" from MediaSentry has been used to file lawsuits.

    It's worth pointing out that if you look at the connection logs, you will almost certainly NOT see a connection from the mentioned IP address, to the accused IP address, or indeed, any attempt to download the file. This behaviour is relatively consistent for some scanning bots. (Be aware, however, your network, as a university subnet, will be specifically targeted by one or two distinct scanning bots which may have different behaviour; it depends on if your university is being specifically targeted by the RIAA or MPAA. They are very aggressive against universities, because they want to make examples of students to frighten the rest, and to possibly weasel in an ill-conceived business deal in the process.)

    Upstream nodes are "believed" by most of the RIAA's contractors' sniffers, and they make no attempt to verify the information; they believe the server, or the nodes to which they are contacted.

    This is well-known among some circles. You will see the occasional confused netadmin on Full-Disclosure wondering about it, for example.

    Not all the fake files out there are RIAA/etc (MediaDefender, Titan Media Group, and formerly Overpeer but no longer) fakes. Some individuals are running honeypots with which to identify the sniffers' IP addresses and trap the sniffers by posing as legitimate supernodes/servers/DHT peers and feeding them false information about other IP addresses, which might not even be running a file-sharing application. By and large this doesn't affect normal users, because normal users don't keep hopping between a limited group of IP addresses, joining and rejoining the network and doing nothing but issue searches... but it's like a minefield of fakes for the scanning bots to wade through.

    Given this active targeting and poisoning of the evidence along with virtually no human oversight of the scanning bots, you might be surprised to learn that the false-positive ratio of the takedowns could be much higher than you might expect.

    Even if they do connect, I've never seen them download the whole file; typically 64KB from the beginning. (Probably a holdover from when the scanning bots exclusively did Kazaa.)
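
The log check discussed in the last few comments (matching a notice's timestamp, IP and port against firewall logs, including the case where no connection from the detecting address shows up), as an added example that is not part of the original thread. The log format, field names, addresses and five-minute window are assumptions constructed for illustration:

```python
from datetime import datetime, timedelta

# Constructed sample firewall log (hypothetical format):
# UTC timestamp, source ip:port, destination ip:port
SAMPLE_LOG = """\
2005-12-29T20:14:58Z 198.51.100.7:41022 192.0.2.40:6346
2005-12-29T20:15:03Z 203.0.113.9:50112 192.0.2.40:6346
2005-12-29T20:15:10Z 198.51.100.7:41030 192.0.2.41:6346
2005-12-29T23:40:00Z 198.51.100.7:41500 192.0.2.40:6346
"""

def parse_ts(text):
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ")

def parse_flows(log_text):
    """Turn log lines into (time, (src_ip, src_port), (dst_ip, dst_port))."""
    flows = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines rather than guess at them
        ts, src, dst = parts
        s_ip, s_port = src.rsplit(":", 1)
        d_ip, d_port = dst.rsplit(":", 1)
        flows.append((parse_ts(ts), (s_ip, int(s_port)), (d_ip, int(d_port))))
    return flows

def correlate(notice, flows, window=timedelta(minutes=5)):
    """Classify a notice by what the firewall log can and cannot confirm."""
    if not notice.get("timestamp"):
        return "unverifiable", []  # no timestamp: nothing to intersect with
    when = parse_ts(notice["timestamp"])
    accused = (notice["ip"], notice["port"])
    hits = [f for f in flows
            if abs(f[0] - when) <= window and accused in (f[1], f[2])]
    if not hits:
        return "no_matching_flow", []
    reporter = notice.get("reporter_ip")
    if reporter and any(reporter in (f[1][0], f[2][0]) for f in hits):
        return "reporter_seen", hits  # detecting address really connected
    return "activity_only", hits      # host was active, detector never seen

if __name__ == "__main__":
    notice = {"ip": "192.0.2.40", "port": 6346,
              "timestamp": "2005-12-29T20:15:00Z",
              "reporter_ip": "198.51.100.7"}
    print(correlate(notice, parse_flows(SAMPLE_LOG)))
```

The "activity_only" and "no_matching_flow" results are the ones worth recording alongside the notice, since they show the log does not corroborate a connection from the reporting address.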
