The Xoxo Reader writes "A new filing in the Autoadmit Internet defamation lawsuit (previously discussed here on twooccasions) reveals how the plaintiffs' lawyers have attempted to discover the identities of the defendants, who posted under pseudonyms on a message board without IP logging. The defendants had posted links and excerpts of several Web pages that mention the plaintiffs, including a Washington Post article, a college scholarship announcement, and a federal court opinion. Now the plaintiffs are asking those Web sites for logs of everybody who accessed those articles in the hours before the allegedly defamatory content was posted. (All the more reason to read the web through Google cache!) The plantiff's motion for expedited discovery includes copies of the lawyers' letters to hosting providers, ISPs, and others. It also includes replies from the recipients, many of whom point out that the lawyers' requests are technically impossible to fulfill. No matter; the plaintiffs are asking the court to issue subpoenas anyway. This thread contains a summary of the letters in the filing."
And the stupid and idiotic thing is? These attacks are being perpetrated by fucking law students! Although maybe I shouldn't be so surprised. You certainly, well I don't see this amoung medical students. I thought libel was illegal?
And it's not even a close call issue in any grey area. it's flat out threats and slander.
FTA: "According to court documents, a user on the site named "STANFORDtroll" began a thread in 2005 seeking to warn Yale students about one of the women in the suit, entitled "Stupid Bitch to Enter Yale Law." Another threatened to rape and sodomize her, the documents said.
The plaintiff, a respected Stanford University graduate identified only as "Doe I" in the lawsuit, learned of the Internet attack in the summer of 2005 before moving to Yale in Connecticut. The posts gradually became more menacing.
Some posts made false claims about her academic record and urged users to warn law firms, or accused her of bribing Yale officials to gain admission and of forming a lesbian relationship with a Yale administrator, the court papers said."
Law Students? Anyone hiring these people needs to seriously check their own ethics.
named "STANFORDtroll" began a thread in 2005 seeking to warn Yale students about one of the women in the suit, entitled "Stupid Bitch to Enter Yale Law." Another threatened to rape and sodomize her
Hey, welcome to the internet. Somebody just today threatened to hit me with a 2x4 because I accused him of making up a definition of "science".
The point is neither will happen if its said by internets trolls. If all that happened was someone said "I'm gunna rape ya" then that would be equatable with the parent's anecdote and nothing would come from it.
For instance, we believe that evidence obtained in contravention of the Fourth Amendment should be quashed. But if the evidence was the admission of the location the body of a murdered little girl by the perpetrator, one would truly consider allowing the evidence into consideration because we don't want this guy to get away with it.
This is something that has always confused me about American law. I've never lived in the USA, but I have lived in a few other places (Australia, several European countries),
(All the more reason to read the web through Google cache!)
You're horribly misinformed if you think that will help. Any images, scripts, or other "external" content referenced from the cached HTML is still fetched from the original server by your browser. Unless it's a self-contained text-only page (as if many of those exist) your IP address is still in their logs.
True but it doesn't access the main document and that's what they will be searching for since it's more than likely that any external images, etc. will be shared with many other pages on that site. Due to that one could not always easily prove without doubt that someone had actually read the document in question.
Due to that one could not always easily prove without doubt that someone had actually read the document in question.
Sure they could. If the server logs the HTTP-Referer (which is quite common) they would know exactly what you did, including which search terms you used to find their page. Of course you can take steps to hide this, but TFS implies that simply using Google Cache is sufficient, which is quite misleading.
Copy the cache URL, paste to address bar and add &strip=1 to the end. It will ignore anything not in the cache'd record. You won't see any images and the like, but you also won't end up in the website's logs.
It's worse than that. Google (cache) is a single point of failure. All it takes
is a valid subpoena from a court to the company Google, and Google will divulge all the information it has about an IP or a user account etc. That may include web pages visited, search terms, emails, etc., eg your whole online life.
From a privacy perspective, it's a lot better if the information that
the lawyers are looking for is physically
scattered over many websites, each owned by a separate legal entity with different hardware capabilities, different backup strategies, different technical expertise, and different political beliefs.
Remember, the company Google has enough information already to reconstruct your email conversations (if you use gmail or you exchange emails with someone who uses gmail), your searches terms on Google and partner search engines (agreements to pass along complete search histories to Google in exchange for help with searching), and the actual pages on third party web sites that you visit (world wide text ad tracking by Google/Doubleclick is enough for browsing history reconstruction).
The plaintiffs' law firm, Keker & Van Nest LLP, counts Google as amongst its largest customers, and there appears to be a conflict of interest at play. The Autoadmit turds created a Googlepages website with a plaintiff's pictures. The federal jurisdiction was predicated on the copyright violation on this website. Yet KVN did not issue a subpoena to Google for the owners and operators of the Googlepages site in question. Such a subpoena would have been focused and likely to yield only the "bad guys." I w
Google's engineers have written a special toolkit that can discriminate stupid subpoenas and discovery requests from those that have merit. Once the script determines that a given subpoena is frivolous, an automated response is sent back to the plaintiff using a standard template that combines legal terms with curse words and fills in important fields like names, dates, URLs, and docket numbers.
You can download the toolkit from Google yourself (Apache license). Do a search for friv.ol.ous.js.
The Illinois Toll Authority implemented the EZ-Pass system with a lot of fanfare about how no records were kept. They made a big point about how there were no privacy considerations for having a transponder (not RFID in the usual sense) in your car.
An enterprising divorce attorney then took it upon himself to subpoena records from the Toll Authority, in spite of their PR campaign and very public statements to the effect that such records simply did not exist. The attorney was awarded the records and I believe it was material the divorce proceeding.
Shortly after that, detailed records were made available in billing information to customers. I guess there wasn't any point in denying that the information existed any longer.
Everyone can be surprised by what can be found when a court orders it to be turned over.
The Illinois Tollway Authority is a bureaucracy of the worst stripe.
My presumption was, from the very beginning, that they were keeping such records. That's why I refused to get an I-Pass, because I don't like being tracked, just as a matter of general principle. I wasn't surprised to find out that I was right.
As a matter of fact, adoption rates for I-Pass transponders were not what they were hoping to get (maybe a lot of other people felt the same way I do, I don't know) so about a year ago they just
Only double? In London, if you don't want to use the RFID public transport card (Oyster card) a journey that would cost £1.50 costs £4! And a bus ride goes from £0.90 to £2. One way they justify this is because it is much faster when everyone can just get on the bus, touching their card against a reader, rather than fiddling with cash and waiting for the driver to print a ticket. On the Underground (subway) the difference isn't so great, but there's less problems with people not
but there's less problems with people not putting the paper tickets in gates correctly
Granted, the magstripe (or bar code) reader could be designed to accept the ticket in any of the four ways it fits in (like Disney's turnstiles, for example).
I entirely agree with your sentiment. Their fee increases also doesn't encourage a welcoming feeling for those of us traveling through Illinois to other destinations. And, avoiding toll roads is becoming a much harder thing with the recent housing boom, urban expansion and what have you.
who says that the people who posted anonymously even visited the site any time close to when the most was made? I mean if you really didn't like someone you'd probably know about sites like that DAYS before posting anything. Or that they posted on the same computer as the one they found the search results? find the results at a public station and post elsewhere or vice versa?
If you surf exclusively through Google cache, I think that just makes it easier to resolve the correlation between sites. After all, at that point the logs are centralized and synchronized already.
According to court documents, a user on the site named "STANFORDtroll" began a thread in 2005 seeking to warn Yale students about one of the women in the suit
If he had just changed his name to STANFORDanonymouscoward, this would have never happened...
Excerpt from letter to HighBeam Research, from page 48 of the Justia link. The plaintiffs actually asked for a week's worth of access logs:
We have reason to believe that at least one defendant used your service to post allegdly tortious content regarding out clients on AutoAdmit.com and/or to email that content to third parties. That defendant posted or sent that information on March 7, 2007 at 5:23 p.m. EST after using your service to access an article titled "Ex-World Bank Official Disappears From Trial," which is found at http://www.highbeam.com/doc/1P2-915261.html [highbeam.com].
We hope that, given the egregious conduct that is alleged in this case, HighBeam will disclose certain information that may allow us to determine the identities of the named defendants in this lawsuit. To that end, we request that HighBeam provide us with information that identifies the person(s) using your service to locate the above-identified article, including but not limited to first and last names, present or last known mailing addresses, telephone numbers, e-mail addresses, and all logs containing the source Internet Protocol ("IP") addresses of all access to the location or file "1P2-915261.html", "915261" or other variants thereof between 12:00 a.m. EST on March 1, 2007 and 5:23 p.m. on March 7, 2007.
Response from HighBeam, page 86:
We spent a fair bit of time determining whether it was technically possible to comply with this request. We have determined that our system simply does not allow us to obtain the information you are seeking about the identity of a person accessing a particular story at a certain time.
I cannot begin to explain to you the complex technical reasons for this. However, if you have a technology consultant working with you, I will be happy to put that person in touch with our CTO for a complete explanation.
...containing the source Internet Protocol ("IP") addresses of all access to the location or file "1P2-915261.html", "915261" or other variants thereof between 12:00 a.m. EST on March 1, 2007 and 5:23 p.m. on March 7, 2007.
Even assuming that someone insanely keeps logs that long, what are the legal requirements for accurate time of day on the server (none, as far as I know)? If page entries are manually timestamped or timestamped by a javascript on the poster's machine, there's no particular reason to have an accurate clock. Was the clock on your machine accurate a year ago? How do you know? How do you prove that in this case the accesses didn't occur after the URLs were posted by people reading the posts? This isn't just one machine, but multiple machines. How do you perform a time correlation with data that has no requirement for validity?
Hey, the respondents should point to the highest office (aka President) and declare they followed His example in deleting 180 days of records. Well, if its legal for the president to do so, then it must be OK for me... If the judge asks them why they were so asinine, they can respond saying the judges did not nothing to prevent the president to do so, and hence by condoing a public action, the judges deemed it legal.
"They can't hide behind anonymity while they are saying these scurrilous and menacing things," said Eugene Volokh, a professor of law at the University of California, Los Angeles.
Seems to me that they can, both legally and practically. Anonymous speech is protected in the US. It's unfortunate that that also permits anonymous defamation, but that's the price we pay. If it hadn't been defaming speech on a web site, people might also have spread around anonymous pamphlets or sent anonymous mail.
Besides, even if this lawsuit were to succeed and even if they found the posters, the result will simply be that people will be more careful about anonymizing their IP addresses. For example, if you connect from Starbuck's, your name isn't linked to your IP.
Libel is libel, whether written by a known author, or anonymously. Libel is a crime. There for, anonymous libel is a crime. So even if they had spread anonymous pamphlets or emails, it would still be libel and the perpetrator would still be criminally liable. Seeing as how there was a crime, how is it wrong for this girl to do what she can to find out who it was and have her day in court? She has a lead, let her follow it. If the providers don't have the logs, sucks to be her, but if they do, they should cou
You must be new here. Convince the technologically-illiterate judge that they *do* exist, and then punish people for not providing them. Convincing technologically-illiterate judges of things that are simply not true has been going on for a while now.
If I got this request and I didn't do IP logging, I would give them a print-out of every possible IP address, ipv4 and ipv6, and say "one of those is probably the culprit you're looking for, sorry I was unable to narrow it down any further"
Unless there is some sort of local rule or local law I'm not noticing that's not right at all. For parties attorneys can make requests without going to a court. But, for non-parties, which these miscellaneous ISPs would be, they need a subpoena from the court to get the info. If the holders of the info are parties then yes the attorneys could get it by just asking. Assuming the other side doesn't refuse for whatever reason they might have, then a judge would be called in to settle the fight.
Unless there is some sort of local rule or local law I'm not noticing that's not right at all. For parties attorneys can make requests without going to a court. But, for non-parties, which these miscellaneous ISPs would be, they need a subpoena from the court to get the info. If the holders of the info are parties then yes the attorneys could get it by just asking. Assuming the other side doesn't refuse for whatever reason they might have, then a judge would be called in to settle the fight.
Under Federal Rule of Civil Procedure 45 an attorney can sign and issue subpoenas for third parties, as an officer of the court. I know it's the same for my state, and considering most states base their rules to a large extent on the Federal ones, I'm assuming it's the same for most jurisdictions.
Plaintiffs can't issue a subpoena without the court's permission since discovery hasn't began. That's the whole nature of the motion for expedited discovery.
Just because some people decide to treat each other like dicks online doesn't mean that everyone should be easily identifiable. How would sites like Wikileaks work if everyone could be punished for rubbing someone the wrong way?
Except that one could easily be masked by the accuser as the other. It probably wouldn't be difficult for me to sue a whistleblower for libel in my attempt to deny/cover up my shady actions if I know who the whistleblower is.
Cyberbullying at its worst (Score:4, Interesting)
Re:Cyberbullying at its worst (Score:5, Insightful)
FTA:
"According to court documents, a user on the site named "STANFORDtroll" began a thread in 2005 seeking to warn Yale students about one of the women in the suit, entitled "Stupid Bitch to Enter Yale Law." Another threatened to rape and sodomize her, the documents said.
The plaintiff, a respected Stanford University graduate identified only as "Doe I" in the lawsuit, learned of the Internet attack in the summer of 2005 before moving to Yale in Connecticut. The posts gradually became more menacing.
Some posts made false claims about her academic record and urged users to warn law firms, or accused her of bribing Yale officials to gain admission and of forming a lesbian relationship with a Yale administrator, the court papers said."
Law Students? Anyone hiring these people needs to seriously check their own ethics.
Parent
Re:Cyberbullying at its worst (Score:5, Funny)
Parent
Re:Cyberbullying at its worst (Score:5, Insightful)
Hey, welcome to the internet. Somebody just today threatened to hit me with a 2x4 because I accused him of making up a definition of "science".
Parent
Re: (Score:3, Interesting)
Re: (Score:2)
Re: (Score:2)
4th Amandment [was Re:Cyberbullying at its worst] (Score:3, Interesting)
This is something that has always confused me about American law. I've never lived in the USA, but I have lived in a few other places (Australia, several European countries),
Google Cache doesn't help (Score:5, Informative)
Re: (Score:2)
HTTP-Referer (Score:3, Insightful)
Re: (Score:2, Informative)
Re: (Score:2, Funny)
Not necessarily; &strip=1 (Score:5, Informative)
Parent
Re:Google Cache doesn't help (Score:4, Informative)
From a privacy perspective, it's a lot better if the information that the lawyers are looking for is physically scattered over many websites, each owned by a separate legal entity with different hardware capabilities, different backup strategies, different technical expertise, and different political beliefs.
Remember, the company Google has enough information already to reconstruct your email conversations (if you use gmail or you exchange emails with someone who uses gmail), your searches terms on Google and partner search engines (agreements to pass along complete search histories to Google in exchange for help with searching), and the actual pages on third party web sites that you visit (world wide text ad tracking by Google/Doubleclick is enough for browsing history reconstruction).
Parent
Re: (Score:3, Interesting)
Don't be silly (Score:3, Funny)
You can download the toolkit from Google yourself (Apache license). Do a search for friv.ol.ous.js.
Proxies? (Score:2, Informative)
Re:Proxies? (Score:4, Informative)
Parent
Re: (Score:2)
Then the lawyers should submit a FOIA request to the NSA to get the IPs.
Subpoena for non-existent materials (Score:5, Interesting)
An enterprising divorce attorney then took it upon himself to subpoena records from the Toll Authority, in spite of their PR campaign and very public statements to the effect that such records simply did not exist. The attorney was awarded the records and I believe it was material the divorce proceeding.
Shortly after that, detailed records were made available in billing information to customers. I guess there wasn't any point in denying that the information existed any longer.
Everyone can be surprised by what can be found when a court orders it to be turned over.
Re: (Score:3, Interesting)
My presumption was, from the very beginning, that they were keeping such records. That's why I refused to get an I-Pass, because I don't like being tracked, just as a matter of general principle. I wasn't surprised to find out that I was right.
As a matter of fact, adoption rates for I-Pass transponders were not what they were hoping to get (maybe a lot of other people felt the same way I do, I don't know) so about a year ago they just
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Funny)
Interesting story (Score:2)
critical flaws (Score:2)
Google cache? (Score:2, Insightful)
Impossible? (Score:5, Funny)
And they make no mistakes too.
Duh. We all know that.
Could have saved a lot of hassle... (Score:3, Funny)
Text of some of the letters (Score:5, Informative)
Right... (Score:3, Insightful)
Right...because centralizing the record-keeping of all your online activity is going to protect your privacy...
Do you vote? We're doomed.
first thing we should do (Score:2)
Time on their hands (Score:3, Insightful)
Even assuming that someone insanely keeps logs that long, what are the legal requirements for accurate time of day on the server (none, as far as I know)? If page entries are manually timestamped or timestamped by a javascript on the poster's machine, there's no particular reason to have an accurate clock. Was the clock on your machine accurate a year ago? How do you know? How do you prove that in this case the accesses didn't occur after the URLs were posted by people reading the posts? This isn't just one machine, but multiple machines. How do you perform a time correlation with data that has no requirement for validity?
Quote the president's actions on deletion... (Score:3, Funny)
Well, if its legal for the president to do so, then it must be OK for me...
If the judge asks them why they were so asinine, they can respond saying the judges did not nothing to prevent the president to do so, and hence by condoing a public action, the judges deemed it legal.
well, they can (Score:4, Insightful)
Seems to me that they can, both legally and practically. Anonymous speech is protected in the US. It's unfortunate that that also permits anonymous defamation, but that's the price we pay. If it hadn't been defaming speech on a web site, people might also have spread around anonymous pamphlets or sent anonymous mail.
Besides, even if this lawsuit were to succeed and even if they found the posters, the result will simply be that people will be more careful about anonymizing their IP addresses. For example, if you connect from Starbuck's, your name isn't linked to your IP.
Re: (Score:3, Interesting)
Seeing as how there was a crime, how is it wrong for this girl to do what she can to find out who it was and have her day in court? She has a lead, let her follow it. If the providers don't have the logs, sucks to be her, but if they do, they should cou
Re:How can you subpeona (Score:5, Insightful)
Parent
Re:How can you subpeona (Score:5, Funny)
Parent
Re: (Score:2)
Everything else is a variation on the theme.
Exactly! (Score:3, Funny)
After all things added, it should all fit on a single truck.
... or was it a series of tubes?
Re: (Score:3, Interesting)
Re: (Score:2, Insightful)
Re:hmm (Score:4, Informative)
Under Federal Rule of Civil Procedure 45 an attorney can sign and issue subpoenas for third parties, as an officer of the court. I know it's the same for my state, and considering most states base their rules to a large extent on the Federal ones, I'm assuming it's the same for most jurisdictions.
Parent
Re: (Score:2)
You forgot to add on "IANAL".
C//
Can't issue subpoenas until discovery begins (Score:3, Informative)
Plaintiffs can't issue a subpoena without the court's permission since discovery hasn't began. That's the whole nature of the motion for expedited discovery.
http://www.autoadmit.com/thread.php?thread_id=753317&mc=167&forum_id=2#9222459 [autoadmit.com]
Re: (Score:3, Insightful)
Re: (Score:2)