Forgot your password?
typodupeerror
Privacy

Questionable "Best Effort" Copyright Enforcement 123

Posted by kdawson
from the when-best-is-not-good-enough dept.
pmdubs writes "Princeton University Professor Michael Freedman, creator of CoralCDN, discusses how he received around 100 pre-settlement letters in one month from various copyright agencies after invalid BitTorrent tracker requests were issued through CoralCDN's proxies. Interestingly, the participating agencies made no effort whatsoever to verify that the Coral nodes were actually running BitTorrent, which they weren't! He questions just how much effort agencies take to reduce false positives when it comes to DMCA notices. Considering the credence that network operators give to such notices (they'll often cut your service upon receipt), it would seem that the answer is 'not enough.'"
This discussion has been archived. No new comments can be posted.

Questionable "Best Effort" Copyright Enforcement

Comments Filter:
  • by Anonymous Coward on Tuesday December 08, 2009 @07:14PM (#30371846)

    I ran a Tor exit node for a semester at Marquette University. I got DMCA takedown notices all the time, for copyrighted Britney Spears music that was apparently being downloaded through my exit node. Each time, they made me sign a letter admitting guilt to get my Internet turned back on. Fortunately, I was able to make a slightly modified letter that looked the same as the one they had sent me, but didn't actually admit anything, and they would still turn it back on.

    I was following all the rules with my exit node. It was completely permitted.

  • by sexconker (1179573) on Tuesday December 08, 2009 @07:18PM (#30371902)

    Sounds like a good plan to me.
    I'll try this the next time I have to sign something.

    Simply edit it slightly to my advantage, film myself doing so (in case they then do the same, and in court, it'll be a question of which is the original), sign it, turn it in, and let them sign it / approve it.

    $16.7500 / month for rent? 2 year lease? Sweet!

  • by Anonymous Coward on Tuesday December 08, 2009 @07:33PM (#30372050)

    I should also probably mention that they wanted my roommate to sign the same admission of guilt, even though there was only one accusation. Without both signatures, they refused to restore the Internet access.

    As in the story in the article, there was no proof, just an accusation, which was not digitally signed. IT Services assumed guilt, and shut off my Internet connection immediately (and then sent me the letter I needed to sign, 2 days later).

    It only worked the first 2 times. Marquette has a strange sort of 3-strikes policy. After the third alleged infringement, they said that I couldn't get it turned back on at all, but they still demanded that I sign the admission to guilt. I contacted ITS daily to try to get them to fulfill their contractual obligation (under the dorm's housing agreement) and restore my Internet access, but after about a week of this, the tech support people at ITS started telling me that they were forbidden from speaking to me. Eventually cops came and hinted that if I contacted IT Services again, they would arrest me.

  • by Wesley Felter (138342) <wesley@felter.org> on Tuesday December 08, 2009 @07:42PM (#30372146) Homepage

    You don't even need BitTorrent; you just register their IP address with a tracker and they get legal threats.

  • by amicusNYCL (1538833) on Tuesday December 08, 2009 @07:52PM (#30372230)

    From what I understand, the notices are not being sent because of traffic, but because of IP logs (which are not the same). Specifically, they look at the IP logs on the torrent tracker to identify which machines have the content. Any machine is able to register itself with the tracker and say it has any content, regardless of whether it does or not, and regardless of whether it's even running BitTorrent. That's how the guy got his printer DMCA'd - he manually registered his printer's IP address with one or more trackers.

    Considering the fact that it's possible to do that, I am completely confused as to how it is possible that every single IP address that the RIAA, MPAA, Congress, or Senate uses has not been registered with as many trackers as possible. Sure, it would degrade BitTorrent performance on those trackers, but it would be worth it to have the RIAA flood the house or senate with takedown notices when no illegal activity has taken place. Then we might start to see that "under the penalty of perjury" clause get enforced.

    If they aren't actually connecting to those machines and verifying that 1) they are receiving traffic and 2) they are distributing content, then they haven't exactly made a good-faith effort.

  • by Anonymous Coward on Tuesday December 08, 2009 @08:35PM (#30372662)

    register FCC, NSA, and FBI, and various senators (sponsors of the DMCA in particular) IP addresses and see how fast the DMCA is repealed. :)

  • by Anonymous Coward on Tuesday December 08, 2009 @08:43PM (#30372718)

    This is directed at both the parent and the GP: Did you guys even RTFA? Of course not, this is Slashdot.

    As TFA says, most trackers DO ignore the IP, and do actually use the one that is the source of the request. So, when you make the request through a proxy, the tracker records the proxy's IP. The proxy isn't running BitTorrent. The proxy gets a wrongful take-down notice, because nobody ever checked to see if the IP in question was actually running BitTorrent and serving illegal content.

    I know you're specifically mentioning the printer here (which would still be easy to do... unplug the printer, use it's IP to register with the tracker, plug printer back in), but jesus fucking christ... how hard would it be to just check the article to see if what you're asking was covered, before running your mouth off and sounding like a retard?

  • by BlueStrat (756137) on Tuesday December 08, 2009 @09:13PM (#30372948)

    register FCC, NSA, and FBI, and various senators (sponsors of the DMCA in particular) IP addresses and see how fast the DMCA is repealed. :)

    This is actually a very good idea IMHO. You might want to add a few Federal judges and maybe even a few Supreme Court judges. The LEO's and TLA's...maybe not such a good idea. They don't have a very developed sense of humor. Besides, I would think that they'd be more likely to try to keep it quiet, and public outrage by VIP's...preferably with some power to change things...was the point, no?

    Strat

  • by syousef (465911) on Tuesday December 08, 2009 @09:42PM (#30373152) Journal

    It seems to me it ought to be defamation to accuse someone of a crime without making an effort to check that it's true, and run around telling his access provider.

  • by mister_playboy (1474163) on Tuesday December 08, 2009 @09:51PM (#30373220)

    register FCC, NSA, and FBI, and various senators (sponsors of the DMCA in particular) IP addresses and see how the law doesn't apply to them, only to citizens like you. :)

    FTFY. We all know the law is their weapon to wield as they wish, and it won't be turned against them.

  • by Locke2005 (849178) on Tuesday December 08, 2009 @10:09PM (#30373354)
    No problem. Sometimes people just need to check their assumptions.

    I still think this is a flaw in the tracker protocol; if I registered through a proxy and it used the proxy's IP address, then the proxy wouldn't know how to forward incoming requests to me. Does this mean you get zero torrent uploads just be going through a proxy? Also, if no one can actually download the content the tracker is advertising you as having, then no one is really guilty of "making available" copyrighted content, and there should be no case. I agree with others that they should actually attempt a download before filing court papers. Is it a violation of copyright law to advertise copyrighted content for free when you are never actually providing it? Sounds like simple fraud to me, but since nothing of value has actually changed hands, again it doesn't appear actionable.
  • by Monkier (607445) * on Tuesday December 08, 2009 @10:19PM (#30373426)
    Can you easily implicate people by registering their IP address with a tracker? From the article:

    ...requests to BitTorrent trackers can also use CoralCDN, as these are simply HTTP GETs with a client's relevant information encoded in the tracker URL's query string, e.g., http://denis.stalker.h3q.com.6969.nyud.net/announce?info_hash=(hash)&peer_id=(name)&port=52864&uploaded=231374848&downloaded=2227372596&left=0&corrupt=0&key=E0591124&numwant=200&compact=1&no_peer_id=1 [nyud.net]. Notice that the HTTP request includes a peer's unique name (a long random string) and a port number, but notably does not include an IP address for that client. It's an optional parameter in the specification that many BitTorrent clients don't include. (In fact, even if the request includes this IP parameter, some trackers ignore it.) Instead, the tracker records the network-level IP address from where the HTTP request originated (the other end of the TCP connection), together with the supplied port, as the peer's network address.

    In this case CoralCDN was effectively acting as a proxy - the IP address wasn't being falsified. Although these guys did appear to have some luck with falsified IP addresses: Why My Printer Received a DMCA Takedown Notice [washington.edu].

  • Re:False DMCA fee? (Score:3, Interesting)

    by TaoPhoenix (980487) <TaoPhoenix@yahoo.com> on Tuesday December 08, 2009 @10:40PM (#30373536) Journal

    Isn't this Libel?

    http://en.wikipedia.org/wiki/Libel [wikipedia.org] ...libel (for written or otherwise published words)--is the communication of a statement that makes a claim, expressly stated or implied to be factual, that may give an individual, business, product, group, government or nation a negative image. It is usually, ... a requirement that this claim be false... ...and that the publication is communicated to someone other than the person defamed (the claimant).

    -----

    Not sure which interesecting law hits first if they give it to you in the bogus letter, but the second one to the ISP would hopefully be.

    We have a decision matrix gang. If the attack wins 1.2 million and a penalty = "oops sorry" it's pretty obvious.

  • by TeethWhitener (1625259) on Tuesday December 08, 2009 @11:09PM (#30373706)

    The way it sounded to me from TFA, this is fraud. Here's the legal definition (not TFA):

    To establish a claim of fraud, plaintiffs must show by clear and convincing evidence (1) a representation; (2) its falsity; (3) its materiality; (4) knowledge of its falsity or a reckless disregard for its truth or falsity; (5) intent that the plaintiff act upon the representation; (6) the hearer’s ignorance of its falsity; (7) the hearer’s reliance on its truth; (8) the hearer’s right to rely thereon; and (9) the hearer’s consequent and proximate injury. King v. Oxford, 282 S.C. 307, 311, 318 S.E.2d 125, 127 (Ct. App. 1984).

    Could be an interesting case to argue in court.

  • by Krishnoid (984597) * on Wednesday December 09, 2009 @01:46AM (#30374422) Journal

    So theoretically they've exposed themselves to prosecution for perjury. If I called the DA in San Francisco or in my own jurisdiction and asked them to prosecute, what do you think the chances are that they'd do it? Zero, I'd guess.

    IANAL, but I remember reading [sfgate.com] that it's particularly rare to prosecute for perjury in general.

  • by Hurricane78 (562437) <deleted@slashBLUEdot.org minus berry> on Wednesday December 09, 2009 @02:05AM (#30374512)

    He questions just how much effort agencies take to reduce false positives when it comes to DMCA notices.

    Hasn’t he got the memo? Doesn’t he get anything at all?
    I didn’t think that there still are people out there, who are so incredibly naive, to believe, that the point of those DMCA notices is, to stop you from copying the music!
    No. Everybody realized for a looong time, that the whole point is solely, to make money!
    I mean, if you realized it, it’s so obvious! The whole point of a business is to make money. Since when does it matter, how and by which means? At the end of the day, the most successful strategy of making money, is what will be done. That’s natural selection... kinda.

    How can he call himself an expert, and not know that?? Seriously! It boggles the mind!

    I’ve seen it twice: Even if you started to pay money, but stop right in the middle... you’ll never hear something from them again. It already was profitable. Now the effort would be bigger than the profit. So they won’t take any further actions.

    From practical experience, I know that the best experience is, to simply tell them to get lost, that you are an expert in the area, *know* that they got shit, and will kick their ass to hell and back if they ever contact you again.
    Sometimes, they will not stop at a letter from a lawyer, but try some pseudo-scary shit. Like a letter from court and such. Just send a letter back that you completely disagree with all claims. Because then they have to come up with some proof. Which they can’t. 99% of the time, that’s it. In rare cases, they come up with fake “proof”. Only in these cases, hope that your judge is not a total backwards retard.

    But I don’t have to tell you that it’s better to live in a country with competent courts, do I? ^^

  • by Anonymous Coward on Wednesday December 09, 2009 @02:34AM (#30374652)

    I'm just curious... since these aren't actually bottomless pits of money, and perhaps there are thousands of people who can and would sue. Would it make sense just to sue these groups en-mass? What if a million people separately sued them for being a nuisance? If it costs them a thousand or more per suit just to look at it, would it bring them down to size?

  • by ultranova (717540) on Wednesday December 09, 2009 @06:48AM (#30375602)

    Perhaps this (and the widespread lack of privacy in cloud-based services generally) will drive more users to privacy-preserving data sharing options, such as OneSwarm.

    Or Freenet [freenetproject.org].

How can you work when the system's so crowded?

Working...