File-sharing and AOL

Andrew Leonard writes "Farhad Manjoo's cover story in Salon today, on AOL's refusal to take a stand on the RIAA's (so far) successful attempt to get subscriber information from Verizon, is a detailed look at the most important battle in the file-sharing world right now."

Not in a possition

[bace]

I dont think that AOL will cave into the demands. If they do cave in, people might think twice before signing up for AOL, and present users might think about jumping ship. The numbers might sound trivial, but see numbers drop ould hardly be a good thing for AOL in its current financial situation.

Sorry about the spelling, too much free beer.;)

Re:Not in a possition

[scott1853]

So are you assuming that people choose AOL based on rational analysis of cost, quality, support and political agenda?

What's the article about?

[MacAndrew]

I couldn't figure whether it was about:

1. AOL's conscience (?)
   
2. AOL's search for its soul (?)
   
3. Proof required for a subpoena (details?)
   
4. Corporate tension between making profits one way (ISP) versus another (DMCA) (who's Mr. Hyde?)
   
5. How big companies try to spin things to avoid blame ("we had to squeal")
   

Personally, I think the burden of proof for the subpoena is the whole bananna. Note that once the RIAA has your name, is still must make its case you broke the rules. They'll maybe get part of that by suckering you into downloading directly from decoy computers. The hard part will be getting you for nickle-and-dime offenses. More likely, they'll look for the folks who host thousands of titles on P2P. And perhaps they should.

I don't really have a problem with copyright in the abstract, unlike many here, but do with the basic privacy issue in careless attempts at enforcement. Can weirdoes (e.g., Capitol Records :) get my name and address from an ISP on a whim? Just on grounds of personal safety, let alone privacy, this is not a good trend. (We're not in the phone book, never have been, for example, but the internet has the number anyway ... enough exposure already.) I'm among those who doesn't want strangers flipping through any data about me without a convincing reason. This whoke binge of law enforcement, civil and criminal, could make for some really lousy precedent, such as we're seeing already in the jurisdiction battles over libel.

Perhaps the simplest fix is a method of IP obfuscation. But anonymizing makes legitimate enforcement of far more compelling laws (kiddie porn, stalking, etc.) will become more difficult -- yet another side-effect of this whole enterprise.

Nice to see some positive mention of Salon, though. They did some interesting journalism a while ago, and I wonder if those days are long gone.

Re:What's the article about?

[trmj]

I'm among those who doesn't want strangers flipping through any data about me without a convincing reason

I agree with you on this point, but then I sit back and think about it: Am I really that interesting?

I've decided that although personal privacy and freedom are very important, if some weirdo (capitol or otherwise) really wants to see what kinda of pr0n I look at or wants to listen in on my phone conversations (which almost always consist of "So, Starbucks or cyber cafe first?"), let them. Maybe they will get some sort of insight that in general, people aren't worth listening to.

Re:What's the article about?

[MillionthMonkey]

I agree with you on this point, but then I sit back and think about it: Am I really that interesting?

I've decided that although personal privacy and freedom are very important, if some weirdo (capitol or otherwise) really wants to see what kinda of pr0n I look at or wants to listen in on my phone conversations (which almost always consist of "So, Starbucks or cyber cafe first?"), let them. Maybe they will get some sort of insight that in general, people aren't worth listening to.

People who smoke marijuana tend not to be very interesting either. They make silly observations that they mistake for profound insights. They're preoccupied with chips and chocolate. They keep forgetting what they were talking about.

And yet the nation's prisons are packed with them, so clearly someone is interested.

Re:What's the article about?

[Jeremi]

I agree with you on this point, but then I sit back and think about it: Am I really that interesting?

Ja, Herr trmj. If you have nothing to hide, you have nothing to fear. Your papers, please?

Re:What's the article about?

[Chokma]

I'm among those who doesn't want strangers flipping through any data about me without a convincing reason

I agree with you on this point, but then I sit back and think about it: Am I really that interesting?

Almost everything you talk about will interest someone...

• The health insurance might want to know all about your occasional stomach problems you discussed with your mom yesterday
• Your employer might want to know which bars you frequent in order to know if you hang around known places of vice, gambling and drug abuse.
• Your bank and the IRS might want to know if you plan to go shopping for a new car while owing someone money etc.
• Your wife may want to check on you, so she may call your friend if you are with him or with a woman.
• Spammers want to know the size of your penis. (Granted, few people talk about that in public.)

All information can be misused. And at one point, twenty years from now, Joe Doe, a reformed christian and good father to his children, will most certainly not want someone to post his teenage pr0n habits on the net. Even if it is old stuff, you would wonder if he is still into it...

Re:What's the article about?

[trmj]

Sooner or later they'll have something to hide

That's what talking face to face is for. If you really want something to be kept secret between you and another person, why even consider using something as open and easily hackable as a telephone or the internet?

you boring people have to support these privacy issues that affect people like me

Ok, do ya know how many things you got wrong in this statement? Well, two.
1. You say everybody has to suport these no matter how boring they are. That's not exactly a good way to get people to support something. That gets them defensive. If you need something supported, get down from your high horse and show people how it affects them, boring or not.
2. I never said that *I* was a boring person. I just said my phone conversations aren't the most interesting things to listen to.

I want to say I sense a bit of sarcasm in your statements, but you are coming off as serious. If you really have that much to hide, perhaps it's time to start cleaning out your closet?

Re:What's the article about?

[Weirsbaski]

Personally, I think the burden of proof for the subpoena is the whole bananna. Note that once the RIAA has your name, is still must make its case you broke the rules. They'll maybe get part of that by suckering you into downloading directly from decoy computers.

If they have enough info for a subpoena, then can take your name to the feds to make a little "surprise visit" to your residence, taking your computer (and cd's, and x-box, and stereo, and cordless phone, and anything else remotly related to alleged file sharing) back to their ofice for "further investigation" .

In this case, even if they don't find a single thing to nail you to the wall with, they still made an example out of you and still won.

Re:Not in a possition

[NanoGator]

"If they do cave in, people might think twice before signing up for AOL..."

You mean once they get past the price?

Re:Not in a possition

[Simonetta]

Let me see if I understand this:
1> At the beginning of 2003, there are thousands of ISPs which offer internet service to about 100 million people in North America. Of all these people, about maybe ten to twenty million use P2P occasionally.
The RIAA monitors the P2P networks and assumes that they own everything that is flowing across any P2P network.
The RIAA selects one million or so intercepted P2P streams a month at random and orders the smaller ISPs to identify and turn over the identification of the 'criminals' to them. All legal threats to AOL are ignored by AOL as 'under review for possible questionable activity'
The smaller ISPs immediately cancel the service of their clients randomly selected by RIAA. Their names go to the RIAA and RIAA sends these names to the other small ISPs and threatens 'legal action' if anyone on this black list is allowed to sign up on a different ISP. AOL allows allows these little lost lambs the opportunity to sign on for $24 a month plus a small surcharge for being a 'criminal'.
2> The RIAA threatens AOL. AOL tells the RIAA to back off or Warners will leave the RIAA. Faced with the possible loss of 25% of its membership and its subsequent breakup, the RIAA allows AOL Warner to 'continue to study the situation for any possible wrongdoing'. It backs off. AOL gives a small percentage of 'criminal surcharge' (which is growing by millions of new customers per month) to the RIAA for 'operations research'.
3> Early 2004, all the small ISPs are gone. There are one or two medium sized ISPs that handle nothing but people who hate everything offered by the P2P networks and never have or would download anything from them, and AOL. AOL has tens of millions of new customers all paying $35 a month at least and about half of them also paying a 'criminal surcharge' (which will never be removed).
4> AOL Time Warner's stock price goes back to the mid-50s. Levin, Turner, and Case are brought back from exile at the pig farm to run the company in its new glory era.

Was that my IP?

[crisco]

All that the record industry had on the alleged thief was an eight-digit Internet protocol address, 141.158.104.94.

Hmm, I wonder what my IP was last July 15th...

Re:Was that my IP?

[trmj]

I read that and began to think for a minute.. then realized I'm not a verizon customer, and that I have no place on p2p: I'm on dialup.

Re:Was that my IP?

[Peterus7]

Hmm. If AOL had the bandwidth to support p2p they'd be for it, but since they just plain DON'T....

Re:Was that my IP?

[Wesley Felter]

AOL now owns RoadRunner, but they probably still don't support P2P because they make much more money from people who use their $50/month cable modems for nothing but Web browsing and email.

Re:Was that my IP?

[mikeophile]

In hexadecimal, that address is eight digits. 8D.9E.68.5E

Re:Was that my IP?

[kruetz]

Hexadecimal? It becomes: 8D.9E.68.5E ... but then again, since the RIAA can't even count burners (maybe they were using octal, so 150 becomes 104!) it's more likely they got lost counting the digits in the IP address - "one, two, three, ... three ... ummm ... oh hell, there can't be more than eight! yeah! there's eight!"

Re:Was that my IP?

[AntiNorm]

How on earth is that an eight digit IP address?

Rosenian mathematics allows for some strange inflation/deflation with numerical figures; that's probably what you're running into here. This is the same mathematical model that allows 500 CD burners to be represented as 1200, for instance.

Re:3 + 3 + 3 + 2 = ?

[grub]

8 digits eh? Well, whoever's at 141.158.1.0 should be worried - thats a whole network address.

Not necessarily. You could subnet into larger segments. You're thinking of the old "class" system. In fact at work a good chunk of our internal routing equipment lives on 172.16.0.0/24

Re:Was that my IP?

[Anonymous Coward]

Good question. I'm actually straight myself (though I usually sleep with gay and straight men), and I haven't heard anything about this.

And you're wrong about Dell. Michael Dell himself is quoted as saying "man, I'd love to flutter my tongue gently...against the underside of [Microsoft CEO Bill] Gate's [testicle] sack". [InfoWorld v 12 issue 24, April 25 1993]

Why do you think the internal code name of the Dell PowerEdge servers was the same as a popular brand of anal dildo?

The only 100% "straight" computer company was Digital, but they had to "go funny" when they were bought by Compaq (with a name like Compaq, well, you pretty much have to!).

Anyway, if you uncover any more info on Apple's marketing campaign, I'd just die to hear about it.

Internal company conflict

[James_Duncan8181]

AOL's media division need the DRM leash. AOL's ISP side need to sell bandwidth. THese obviously conflict. This is just like the Sony Music (pro-DRM) / Technical department (pro cool gadgets and anti DRM functionality killing) problems - two departments company that HAVE to work out the conflicts inherent in the situation and can do quickly beaacue it is internal to their company.

If you want to see where we will be in 5 years as a general, having a look at the solutions adopted in these situations would seem to be a damn good guide.

Heheheh...

[YellowElectricRat]

From the article:

All that the record industry had on the alleged thief was an eight-digit Internet protocol address, 141.158.104.94

...and a nasty case of trying to count without taking their socks off... :)

Re:Heheheh...

[pimpinmonk]

...and a nasty case of trying to count without taking their socks off... :)

No... it's a nasty case of subconsciously thinking in hex... even worse IMHO

Re:Heheheh...

[silvaran]

8D 9E 68 5E

But yeah, I know what you mean ;)... leave it to the non-technical writers to write a technical report.

This doesn't make any sense.

[goatasaur]

It takes, like, five hours to download an MP3 on AOL.

Re:This doesn't make any sense.

[Eric_Cartman_South_P]

And does it go "beep beep beep beep beep beep" and then half of your MP3 is gone?

Re:This doesn't make any sense.

[MBCook]

But AOL is really big right? So in RIAA logic that's like a normal person downloading an MP3 in 25 hours.

No wait, RIAA math makes things worse and that would be better. My RIAA math skills seem to be failing me. How can RIAA math not be right?

I guess they've switched the way their math works. That would make more sense because that IP address that they say is 8 digits is 11.

Does this mean my 24x CD drive now only counts as 1/4 a drive instead of 6?

I'm confused :(

Thats funny

[trotski]

Warner music is one of the most imortant members of the RIAA

AOL is a part of the AOL-Time-Warner corporation; so is Warner music. Is there therefore a conflict between divisions of the company? Hmmmm... me thinks it's time to sell my ATW stock.... wait, I don't have any anyway.

I don't see the big deal

[Noksagt]

The article even points out that MSN and others have refused to comment. Why then is AOL so suspicious just because of their TW relationship?

If _I_ had an ISP, I wouldn't comment either (I'd just go for another swim in my money....)

These big companies rarely have a unified front, as /.ers have pointed out many times on the media/hardware manufacturer copy protection debates.

Re:I don't see the big deal

[_anomaly_]

(I'd just go for another swim in my money....)

... you're assuming that (predominantly dialup) ISP's make money ;-P

Re:I don't see the big deal

[appleprophet]

"If _I_ had an ISP, I wouldn't comment either (I'd just go for another swim in my money....)"

Considering AOL just posted a loss larger than Russia's entire budget, I don't think money swimming is a common sport over there.

for those who hate flash / on dialup

[Anonymous Coward]

Feb. 10, 2003 | One day last summer, a person using Verizon to access the Internet logged on to Kazaa, a popular peer-to-peer music-swapping service, and started downloading MP3s. It was the sort of thing that millions of people do every day; the only difference this time was that an analyst at the Recording Industry Association of America was monitoring the action.

The RIAA's efforts to obtain this single Verizon subscriber's identity has ballooned into a major courtroom battle over the scope of the Digital Millennium Copyright Act, the 1998 law that outlines protections for online content. The litigation has split the ranks of Internet service providers and content companies: ISPs, who say they worry about their subscribers' privacy, have generally sided with Verizon, while copyright holders have supported the RIAA.

But stuck in the middle of this fight is a firm that is both a huge copyright holder as well as a huge Internet company -- in fact, it is the leading company in each industry. This is AOL Time Warner, a neither-fish-nor-fowl hybrid of copyright and consumer interests, a combination that has left the company pretty much speechless on a case that could determine the privacy rights of its more than 30 million subscribers, not to mention the rest of us. While other ISPs are running scared, AOL, the biggest ISP of all, is keeping mum.

In January, after months of legal back-and-forth in the Verizon-RIAA case, U.S. District Judge John Bates ruled in the recording industry's favor, ordering Verizon to hand over the Kazaa user's name and address. Internet service providers, privacy advocates, and people critical of the growing influence of copyright owners were devastated by the Bates opinion. The ISPs are worried that they'll be flooded with requests for their subscribers' information, and that they'll have no way to determine the accuracy of these claims.
"You could simply walk into a courthouse, sign a form, and send us a subpoena," says Les Seagraves, the chief privacy officer of EarthLink. "We would have to turn over the name and address of that user. And of course that could get abused -- and there's really nothing we could do about it. The volume of these things would increase, and we'd find ourselves in the subpoena-compliance business, not the Internet business."

Verizon plans to appeal the ruling, and dozens of ISPs have supported its position. But AOL Time Warner has said nothing about the case. The company's online unit has declined to explain what it thinks of the legality of the type of DMCA subpoenas the RIAA seeks, or whether, like other ISPs, it fears being inundated with requests for its users' private info.

Ordinarily, AOL's silence might not mean much. Giant corporations tend not to comment on ongoing litigation, and MSN, the huge ISP owned by Microsoft, has also refused to say anything. But AOL's silence is conspicuous given its unique position as a troubled sister-company to the world's largest media firm. Its silence may also have important practical effects. "They're the biggest ISP, and if they said, 'Wait a minute, we think there's a problem here,' that would be taken very seriously by the courts," says Cindy Cohn, the legal director of the Electronic Frontier Foundation. "I think there's no question that would be a tremendous voice."

But will that voice speak out -- or will it be muffled by the media interests that now appear to control AOL Time Warner's future? It's not really an exaggeration to suggest that the privacy of your actions on the Internet could depend on what this single company does next.
The RIAA analyst who logged in to Kazaa last July 15 discovered that the Verizon subscriber had 666 music files available for others to download, including songs by "Billie Holiday, the Beatles, the Who, Pete Seeger, James Taylor, Bob Marley, Johnny Cash, Stevie Wonder, Billy Joel, Barry White, Aerosmith, Janet Jackson, Madonna, U2, Jennifer Lopez, 'N Sync, Britney Spears, and countless others," the RIAA says.

The person was obviously a music lover and may have been one of the record industry's best customers. But the RIAA considered this person a significant threat to its business, guilty of "theft ... on a massive scale." To make matters worse, the crook was anonymous; the person's age, sex, phone number and address were unknown to everyone outside Verizon's billing department. All that the record industry had on the alleged thief was an eight-digit Internet protocol address, 141.158.104.94.

When the RIAA asked Verizon for the identity of the user at that IP address, Verizon declined to release it. The trade group filed suit against Verizon, citing the provisions of Section 512h of the DMCA.

Section 512h of the DMCA is just a bit more than 500 words in length and about as easy to decipher as an ancient hieroglyphic scroll. Legal experts are fond of saying that the DMCA was conceived as a grand bargain between ISPs and copyright holders -- the law freed the ISPs from liability for their users' copyright violations as long as the companies cooperated with media firms' anti-piracy efforts. Section 512h reflects the muddle of that grand bargain, and everyone seems to have a different idea of what the passage means.
The recording industry says that Section 512h allows copyright holders to obtain a subpoena ordering an ISP to identify a subscriber accused of infringing upon a copyright. To be granted such a subpoena, a media firm must draw up a list identifying the works in question, must provide "a statement of good faith" testifying that it believes infringement has taken place, and must swear "under penalty of perjury" that it wants the information only to protect its copyright. The copyright owner would present these documents to the clerk of the court, not to a judge; the clerk would check to see that the documents are in order and then issue the subpoena. Neither the clerk nor the ISP would initiate any investigation to determine the accuracy of the claims made by the copyright owner.

Since last July, the RIAA has served other ISPs besides Verizon with 512h subpoenas, and some of them, including EarthLink, have also rejected the requests. But according to Nicholas Graham, a spokesman for AOL, the RIAA has not recently sent such a subpoena to AOL -- a company whose member base is at least 10 times the size of Verizon's and probably includes at least one or two, if not 1 or 2 million, peer-to-peer file traders. Asked what AOL would do if the company received a 512h request for member information right now, Graham declined to answer, saying that it would require him to comment on a hypothetical situation closely related to an ongoing legal case.

Did the recording industry purposefully not serve AOL with a 512h subpoena because of its ties to content companies? The RIAA says no -- in fact, the group says, AOL has been served with such requests for subscriber information in the past, and it has complied. "We have sent AOL these subpoenas and they have responded," said Matthew Oppenheim, the RIAA's vice president of business and legal affairs. (AOL's Graham did not confirm or deny this charge.)

Determining exactly what AOL is really doing with RIAA subpoenas -- if it has actually been on the receiving end of them -- is critical, because other ISPs, including Verizon, read section 512h very differently from the RIAA. Verizon says that the law requires ISPs to turn over a subscriber's name and address only under one condition -- if the subscriber has stored copyright-infringing material on the ISP's computers. For example, if a Verizon subscriber saves an illegal copy of an 'N Sync song on a Web site hosted by Verizon, the company would have to tell the record labels how to contact that subscriber; but if the material is just on the user's computer, as it is for people who use peer-to-peer services, Verizon says it has no obligation to disclose any information at all.

"I was one of the 10 industry representatives who was there to draw up this law," said Sarah Deutsch, associate general counsel for Verizon. "There were five people from the telecom sector and five from the content sector -- and it was clearly our interpretation that the content would have to be on our network. We agreed to a process called 'notice and takedown' for material that was on the network." Deutsch says that the use of the word "takedown" in the DMCA is important, as it implies that the content in question must be on an ISP's system to trigger the law -- if the material is beyond the ISP's control, she argues, how can the company take it down?

The RIAA says Verizon's position is illogical. "There are so many ways it doesn't make sense," Oppenheim says. Why, he asks, would Congress have decided to protect online content in one location -- on the ISP's network -- and not in another? And how did Congress expect the copyright holder to determine where the content was being hosted?

The DMCA doesn't care where the content is being hosted, Oppenheim says. Whenever a copyright holder sees media of its own that appears to have been illegally copied, whether on the Web, on a peer-to-peer service, an e-mail message or some other digital form, the DMCA allows the content company to find out who did it. Oppenheim says that the law is straightforward, and he rejects the idea that the RIAA's case against Verizon is a "test" of any kind. Since the passage of the DMCA, the RIAA has obtained 96 such subpoenas, Oppenheim said, and Verizon was the first ISP to reject one. "Before that, nobody ever objected," he said, "and the only reason it's now a test case is because Verizon thought there was a question."

In documents filed in the case, the RIAA points out that Verizon may have only recently come to that position. On several occasions in 2000, the RIAA asked Verizon to take down infringing material from its network -- and nine times, the company said that the content in question was not on Verizon's network, but that the company would be happy to provide the RIAA with subscriber information if the RIAA obtained a subpoena under the DMCA's 512h.

"And that's not surprising," says Oppenheim, "because everybody knew 512h allowed that. So you have to ask: Why would Verizon suddenly change their view? And, well, I have my answers. They've got an enormous base of infringers. Their view is there would be an economic hit if they started to allow this."

Nobody has a larger number of subscribers than AOL, or would be likely to take a bigger hit if suddenly forced to crack down against every instance of file-trading that an AOL subscriber engages in. But, at the same time, no company has more media properties at risk from file-trading than AOL Time Warner.
Oppenheim points out that the only interpretation of the DMCA's Section 512h that counts, so far, is that of Judge Bates -- and Bates' decision is not even a close call. He sided fully with the recording industry. "The Court disagrees with Verizon's strained reading of the act, which disregards entirely the clear definitional language of subsection h," Bates wrote in his 37-page ruling. (PDF file here.) Verizon's position, Bates said, "makes little sense from a policy standpoint. Verizon has provided no sound reason why Congress would enable a copyright owner to obtain identifying information from a service provider storing the infringing material on its system, but would not enable a copyright owner to obtain identifying information from a service provider transmitting the material over its system ... It is unlikely, the Court concludes, that Congress would seek to protect copyright owners in only some of the settings addressed in the DMCA, but not in others."

Verizon says it will appeal the decision. The stakes are enormous. If you accept that Congress really meant to say what Bates and the RIAA say it meant -- that anyone who suspects a copyright violation can obtain the alleged infringer's identity rather easily and without judicial review -- then the DMCA would seem to be much more unreasonable, and much scarier, than even critics of copyright owners have previously said. According to ISPs, consumer groups, and legal experts, the practical effects of this ruling would be terrifying -- and AOL's silence on the issue despite these consequences "is deafening," says one person in the industry.

"The scope of copyright is infinite in the Internet era," says Peter Swire, a law professor at Ohio State University and the nation's first (and last) chief counselor for privacy at the Office of Management and Budget in the Clinton administration. "Every time you send an e-mail you could say it's copyrighted." The 512h subpoenas, he notes, are "automatic -- no judge is involved. So you will have all these automatic subpoenas where the underlying facts may never have been checked by any human being. You have bots that search for files," and the findings of those bots will simply be passed along to a court clerk, who will order up a subpoena.

These copyright-sleuthing bots -- software programs that scan the Internet for files that "seem" like illegal copies, a determination that can be made on as little evidence as a filename that appears fishy, like "MetallicaSong.mp3" -- are already in use today. They are run by copyright-enforcing firms hired by media companies; everyday, these firms bombard ISPs with requests to pull from their network material that appears to be illegally copied.
Documents Verizon presented in the case show that these bots can sometimes be wrong. For example, the company produced a letter sent to UUNet by MediaForce, a "DMCA enforcement" firm that represents Warner Bros. -- an AOL Time Warner company and a member of the RIAA. The letter demanded that the ISP take down a file that MediaForce said was an infringement of the "Harry Potter" series of books. You can see how the bot might have made that mistake -- the file, which was tiny, was called "harry potter book report.rtf."

"The ISPs get thousands of these things, and they get a not insignificant percent that are not just wrong but are spectacularly wrong," says Cohn of the Electronic Frontier Foundation. "And if the Verizon decision under 512h is upheld, we'll start seeing the same thing for people's identities, and they're going to be wrong in the same percentage that they're wrong now." That's because a key problem with the DMCA, critics of the law say, is that it provides little incentive for copyright owners to make sure that they're providing the court with accurate claims. "They may as well make these things as broad as possible," Cohn says. "There's nothing in the system to make them do otherwise. It's just takedown, takedown, takedown."

Critics of the Bates ruling also worry about intentionally fraudulent copyright claims making it through the system. If you have an entire legal apparatus devoted to "expeditiously" divulging people's private information, there's a chance that the system will become a target of people with something much more sinister than copyright enforcement in mind. "We have seen copyright laws abused by people who have other agendas," Cohn says. "This is a method by which an angry ex-husband can locate an ex-wife, or a process by which stalkers can locate people."

The RIAA's Oppenheim rejects such horror stories. He notes that the DMCA requires people filing for 512h subpoenas to attest to their "good faith" intentions under "penalty of perjury" -- which he says is a strong standard and punishment. Moreover, the judge, Oppenheim says, found the DMCA 512h subpoena process more protective of consumer rights than the process Verizon suggested: that copyright companies file "John Doe" lawsuits against alleged infringers, a scenario that would allow a judge to decide the merits of the case before any personal data was revealed.

One attorney that the RIAA said would back up its view is Douglas Lichtman, a professor of intellectual property law at the University of Chicago Law School. "The cases we should be worried about [with 512h] is where the accusations are not true," Lichtman said. "A case where there's a false accusation, or even worse where there's someone who's using anonymity in an important way -- say where I have a site where I'm making political comments. So the core question is: Does the system as interpreted by [Judge Bates] protect the system enough from false accusations. Verizon says no, the music industry says yes, because the statement is a sworn statement.

"And I have to tell you, I've been torn," Lichtman said. "I've gone back and forth. And I think that the right answer is that a sworn statement under penalty of perjury provides a strong protection." But Lichtman also said that he felt "reasonable minds" could disagree about the consequences of the ruling.
Although AOL Time Warner has refused to say much about its position on this case, the company hasn't, really, been officially silent. Rather, it has held two diametrically opposite views that, taken together, signify a deeply split identity. On one side are many of the company's media subsidiaries -- its record labels and movie studios -- which are part of the RIAA. On the other side is the company's online division, AOL, which is part of the U.S. Internet Service Provider Association, an ISP trade group that filed a legal brief in support of Verizon, and therefore against the RIAA in this case. Through two trade groups, then, AOL has technically told the court that it's on both sides of this issue. Talk about a tough merger!

When asked any questions regarding the specifics of the RIAA-Verizon case, Graham, the AOL spokesperson, repeatedly declined to comment, explaining that the case was a "legal matter that did not affect AOL directly." But he said that the mystery over AOL's stance on this case didn't indicate anything about its privacy policy. "We have a strict privacy policy in place at AOL that prohibits us from providing personal information about our members, unless there are specific circumstances under which the information was requested," Graham said.

Those are cases in which the company is served with a criminal or a civil subpoena. In the case of a criminal subpoena, one obtained by law enforcement in the course of a criminal investigation, AOL will "absolutely" turn over a user's identity, Graham said. In the case of a civil subpoena, "there is careful legal scrutiny, and we have a right to review or contest it, which is what happens in many cases. We check to see whether the subpoena has any merit whatsoever, or whether the subpoena asks information that we do not have and do not keep." If a member's identity is requested through a civil subpoena, Graham said, AOL would first get in touch with the user and let the person know of "their right to contest it. And we'd give them a certain period of time in which they can answer us."

The process set by AOL to comply with ordinary civil subpoenas would seem to be protective of a user's identity; but the scheme wouldn't work with the sort of DMCA 512h subpoenas that AOL's media siblings are seeking. If AOL received a 512h subpoena, it would not have the opportunity to check whether such a request had any merit. And the subpoenas -- which Bates said were designed to be "expeditiously" processed -- would not give the company and users a few days to think over the request.
This will be made all the clearer if ISPs are served with hundreds or thousands of such subpoenas at one time, a scenario some people fear. Dave McClure, the president of the U.S. Internet Industry Association, an ISP industry group that does not include AOL, says: "If an ISP receives 60 boxes containing 10,000 IP addresses for which the RIAA wants you to cut off their access and give up their information, the ISP has no way of knowing whether these people were guilty of infringement or not."

Does AOL recognize, or share, these fears? That's impossible to tell. If you ask people in the ISP industry what they believe AOL's position on this case to be, many say that they couldn't guess but that they suspect the company's silence so far means it has taken a back seat to Time Warner. Others in the industry will tell you of rumors, whispers -- unconfirmed, and denied by the company -- that AOL Time Warner has told lawmakers it's pleased with the Bates decision.

One person conjectured that the RIAA met with AOL before serving other ISPs with 512h subpoenas, but the RIAA's Oppenheim said that the story was absolutely false. "That's just one of those myths you hear," he said.

What if, deep in its corporate heart, AOL Time Warner really, truly, has no position on this case, if only for the reason that neither side presents a very good option?

If AOL Time Warner sides with Verizon -- and therefore its own online subscribers and their privacy rights -- it faces a clear cost: the wrath of its media divisions and of others in that business, companies who believe that file trading will be the death of them. And what benefit would it get from protecting consumers' privacy? Perhaps not a whole lot; the subscribers would likely be oblivious to the whole matter anyway. (The sort of people who care about how their ISP interprets obscure sections of the DMCA aren't likely to be on AOL in the first place.)

How would AOL TW do if it took the RIAA's side? If 512h subpoenas become a frequently used tool of media companies, and if RIAA applies them fairly across ISPs, AOL would probably face a hurricane of such requests. It might very well have to kick off many of its own users for the sin of file trading -- which would be terrible for its image, and help depress already stagnant subscriber growth rates.

Perhaps, in the end, silence is AOL's only rational option, at least until its internal politics are solved.

"AOL's problem is they're just a two-headed monster," Mark Cooper, of the Consumer Federation of America, likes to say.

The important question now is, which monster is bigger?

This gets modded up?

[ALoverOfPeace]

Salon is having major financial troubles. They make their money by having people view their ads when reading their content. There is no registration required to view their content. If you have a problem with viewing an ad as a requisite for accessing their content, why not try to find a print substitute of Salon's quality that costs money.

Great.

[mikeophile]

Not only are all the tech jobs going overseas, but now the US is going to lose it's warez site superiority too.

ATTENTION RIAA! NO NEED TO CONTACT MY ISP

[Veovis]

I just downloaded Metallica's "Enter Sandman" from the following P2P network:

Kazaa

My IP is 204.39.65.157, a proxy

My information is:

Home Address:
John Abshire
14387 SeeYouInCourt
Whatareyougonnadoaboutit, MI, 48hahaha

You may also contact me at my work address:
John Abshire
1 Microsoft Way
Redmond, WA USA 98052-8300

Re:ATTENTION RIAA! NO NEED TO CONTACT MY ISP

[kruetz]

Pity the poor bloke that actually lives on SeeYouInCourt Rd, Whatareyougonnadoaboutit. "Alright, buddy, get in the van!" "What? What's this about?" "We know you've been downloading illegal MP3s. Now move it!" "But I don't even own a computer! I only moved in last week!" "Look buddy, we saw your post on slashdot. Now're you're fucked!" -- slashdot nabs another net-thief

Yea, Right

[Veovis]

Dialing..... Connecting... Loading... WELCOME! YOU GOT LAWSUIT!

Re:Yea, Right

[Maserati]

Someone had to bring this up. Dude, you got busted ! [theregister.co.uk]

Someone really ought to submit it as a story, probably to kuro5hin.

Who writes the law?

[migurski]

"I was one of the 10 industry representatives who was there to draw up this law," said Sarah Deutsch, associate general counsel for Verizon. "There were five people from the telecom sector and five from the content sector -- and it was clearly our interpretation that the content would have to be on our network."

Why are industry people there in the first place, to draw up the law? Are they balanced by ten representatives of the public?

Re:Who writes the law?

[goatasaur]

Why are industry people there in the first place, to draw up the law? That's easy. They needed consensual agreement to terms; otherwise they'd have to leverage their powers through the congressmen they bribe.

Re:Who writes the law?

[milo_Gwalthny]

Please, this is America. We have respect for private property here.

You can be on the panel when you buy your own congressman.

Re:Who writes the law?

[hastings14]

Why would you need ten respresentatives of the public to work out a compromise in a legal dispute between ISPs and Copyright holders?

Back in the 90s, since technically everything sent over the internet is a copy, and thus technically the ISPs were in pretty much infininte copyright violation, copyright holders could have legally bankrupted every ISP in America. Since Congress didn't want this to happen, they put the two groups in a room and told them to work out a compromise. I think it makes perfect sense to get two sides in a dispute to come together and compromise, rather than impose a solution from outside or through huge nasty lawsuits. When the two sides compromised, congress then wrote up the compromise into law.

Unfortunately, that law was attached to other laws that were poorly written and includes a bunch of other stuff that were extremely harmful to consumers. However, the part dealing with the ISPs not wanting to get sued by copyright holders didn't really involve the public and didn't really hurt them.

Don't be so quick to label something as "evil" - a lot of times you wind up throwing out the baby with the bathwater...

8, 12, what's three digits between friends?

[autopr0n]

All that the record industry had on the alleged thief was an eight-digit Internet protocol address, 141.158.104.94

Of course, it would have been 8 digits if it was written in Hex. maybe the author was just a hard-core nerd? And thought, digit = 4bits?

Re:8, 12, what's three digits between friends?

[$$$$$exyGal]

$ perl -e 'printf "%x.%x.%x.%x\n", (split(/\./,"141.158.104.94"))'
8d.9e.68.5e
$

There ya go. Now it is 8 digits (but 4 numbers).

--sex [slashdot.org]

heyyyy

[The Other White Boy]

wait a minute ... people still use aol?? now that's what i call a news story!

666

[rolux]

from the article:

The RIAA analyst who logged in to Kazaa last July 15 discovered that the Verizon subscriber had 666 music files available for others to download

and, imagine: he or she had even set the file permissions to 0666!!

All that the record industry had on the alleged thief was an eight-digit Internet protocol address, 141.158.104.94

so, lets see... 1+4+1=6... 1+5=6... 8 ("eight-digit internet protocol address") is the 6th digit... 104+94=66+66+66...

bring on the californian inquisition!

Re:666

[evilWurst]

bring on the californian inquisition!



nooooo-one expects the californian inquisition!

User vs IP address

[chill]

This will get interesting when the RIAA comes crashing into a dorm room that is NATted behind a proxy/firewall.

They have a warrant to search...

IP WW.XX.YY.ZZ, but THAT is the IP of the NAT proxy/firewall. Oops, no music THERE! No warrant for any OTHER IP, such as the PC which is 192.168.0.100...

User "Joe Schmoe", who, by the way, HAS no MP3s. THOSE are all stored on his friend's PC -- who isn't named in the warrant.

OR, "Joe Schmoe" doesn't OWN the PC, he only is paying for the service. The PCs actually belong to someone else -- who is not named in the warrant.

OR, the PC with the goods belongs to a minor, who just happened to be the purchaser of all the CDs that he ripped and shared. A minor who CAN'T ENTER INTO A LEGALLY BINDING CONTRACT such as a music licensing agreement...

OR... take your pick. The costs for the RIAA to start tracking down and legally pursuing individuals would be astronomical.

Good luck proving successful downloads of songs for copyright infringement. Not to mention proving the downloads were of the SONGS claimed, and not some other file with the same name. Even if the file "baby_one_more_time.mp3" exists on the subject's machine, and the RIAA downloaded it and tracked back to to the subject that is only ONE violation. There is no way they can legally prove other infringements -- maybe the person was sharing a copy of bible reading masquerading as Brittany Who's-Dumping-Me-Today Spears? Maybe the RIAA was the only one that got the real thing?

The sheer expense will deal with this issue.

Re:User vs IP address

[MBCook]

Well all know that this is just a fear tactic. The idea is that if they can make a few big cases and get a few big sentences on some of the major sharers, it will make the news. And your average person doesn't think P2P is that bad, but if they see people going to jain for 10-20 years for using P2P, they'll stop. Let's not forget that the major news outlets are owned by the same parrent companies that own MPAA and RIAA companies, so the stories will be

Man in Utah arrested for downloading music files, gets 20 years

not...

Man in Utah arrested for giving 50,000 copies of unreleased movies away to people on P2P and selling copies of CDs and making kiddie porn and...

That will be enough to scare most of the people away from P2P, thanks to half truths. They don't intend to actually go after everyone because that wouldn't be cost effective, as you've noticed.

Delegated enforcement

[xixax]

That will be enough to scare most of the people away from P2P, thanks to half truths. They don't intend to actually go after everyone because that wouldn't be cost effective, as you've noticed.

Ideally the *AA's would also want to make p2p expensive to condone/tolerate on their networks. Pestering ISPs with subpoenas is one avenue of doing this. Hopefully p2p customers bring in more revenue than it costs to service the RIAA.

Xix.

Or another way to look at it

[ShatteredDream]

People will demand legal change because if there really are more than a handful of prosecutions little Johny or little Suzy is now potentially in the DoJ's legal crosshair. I've met more than a few people who were self-righteous about it until they found out how absurd it was and that their kids and kids they thought were really great kids could sit in a federal prison for 3 years and be literally bankrupt before the age of 18. You see, most people think you're directly ripping off the artists when they hear piracy. They're not thinking their kid with his small mp3 and divx collection.

Re:User vs IP address

[God! Awful 2]

Good luck proving successful downloads of songs for copyright infringement. Not to mention proving the downloads were of the SONGS claimed, and not some other file with the same name. Even if the file "baby_one_more_time.mp3" exists on the subject's machine, and the RIAA downloaded it and tracked back to to the subject that is only ONE violation. There is no way they can legally prove other infringements -- maybe the person was sharing a copy of bible reading masquerading as Brittany Who's-Dumping-Me-Today Spears? Maybe the RIAA was the only one that got the real thing?

That's about the most cockamamie story I've ever heard.

I agree with the sentiments of the poster who said "thanks for providing us with a 3rd grader's legal opinion." Judges and juries aren't as dumb as you think they are, and when they see "imperfect" evidence, they are still able to read between the lines. If you put up a file called "baby_one_more_time.mp3" and the RIAA downloads it and finds out what it is, not one single person, not even your mother will believe that 99% of the time that file is a bible reading and 1% of the time it is a copyrighted song. And if you try to claim that that's the one and only copyrighted song on your HD and all the other files are bible readings in disguise, no one is going to believe that either. Get a grip!

I hope you don't ever get caught committing a crime, cuz the "I was just standing there when a guy walked by, grabbed the jewelry, and stuck it in my pocket, and you can't prove otherwise beyond a reasonable doubt" defense doesn't usually hold up in court.

-a

Re:User vs IP address

[chill]

Not really. People walk every day because of technicalities. The DAs determine what crime to charge based on the available evidence. To PROVE is a tough thing in criminal law.

If the RIAA wanted to convince the DA to prosecute 150 copyright violations based off of P2P downloads they would have to prove 150 separate downloads of any combination of copyrighted files.

PROVING would be a bitch.

You would be able to have to show:

1. The files were accessable to the PC/person. For example, .MP3s on the hard drive.

2. Assuming the person can produce actual CDs then show the files were actually SHARED, since just ripping isn't a violation. This means...

3. LOGS from the defendants ISP showing connections at the times in question, and possibly traffic on the port. The complaintant's word that they downloaded the files isn't good enough. The logs of the plaintiff's ISP isn't good enough, as headers can be forged.

Specifically, logs showing EACH violation.

4. Some sort of signature (MD5 sum of what the plaintiff has vs MD5 sum of what was found on the defendant's PC) showing the files were actually the ones shared, and not something the plaintiff got elsewhere.

All that is BEFORE you get to judge and jury. All that would be needed to convice a DA to decide to prosecute.

Remember -- a jury awarded HOW many millions to a woman who spilled McDonald's coffee in her lap? A jury determined OJ Simpson was not guilty. A jury though 7 armed police officers who were taped beating an unarmed, unresisting black man (Rodney King) for 5+ minutes were "not guilty". [I know, he supposedly resisted before -- it didn't justify what happened.]

All the rules of evidenture -- what is admissable, what is challenged, etc. come into play. It is harder than you think.

As far as not even your mother believing it was Bible reading... belief doesn't enter into it -- PROOF is a different animal altogether.

Re:User vs IP address

[God! Awful 2]

I don't think they need all that fancy evidence. When someone is sharing copyrighted material, all the evidence against them is out there on the Internet. The RIAA could use logs from their own ISP or they could have a notary public witness the downloads. Whatever.

Remember -- a jury awarded HOW many millions to a woman who spilled McDonald's coffee in her lap?

a) McDonald's coffee really is too hot.
b) The award was reduced dramatically on appeal.

A jury determined OJ Simpson was not guilty.

A jury found a celebrity not guilty in a murder case. He was found guilty in a civil suit where the standard of proof is lower.

A jury though 7 armed police officers who were taped beating an unarmed, unresisting black man (Rodney King) for 5+ minutes were "not guilty".

2 of them were later convicted. They were given reduced sentences partly because they had received death threats.

Anyway, surely you realize that the rules for celebrity justice and other high profile cases are different. You've got high priced defense attourneys and expert witnesses. Juries act differently because they feel as if they are "making history".

-a

Re:User vs IP address

[rela]

Bottom line is that when they come busting into the dorm room, it doesn't matter who lives there, and it doesn't matter whose computers are inside. _All_ of the computers will be searched (or perhaps seized).

I agree with you, but I'd go father than that: Not "perhaps" siezed, but most certainly seized, and kept, without compensation, even after the trial is over (whichever way the trail falls out) as "evidence".

Amendments IV and V, you say? I agree, but tell -them- that...

Re:User vs IP address

[chill]

Actually, in many states (Florida is one) large contract purchases such as cars, land, boats, etc. aren't binding on minors.

Many auto dealers refuse to title a vehicle in a minor's name unless it is paid for 100%.

In California, minors can't enter legally binding contracts. (Popular movie reference: Liar Liar -- under 21, no prenup) Yes, it is a movie, but in the case it is accurate.

Some new EULAs say you must be of legal age before giving consent.

It would be a bitch to use that argument to get a minor off the hook for copyright violations if a DA wanted to push, but it could complicate things to no end. It would be more effective under a civil suit.

Re:Is finding the user really the point here?

[Minna Kirai]

Yes, it smacks of vigilantism. But analogy to invasion of privacy in your home isn't correct.

The offender caused packets requesting the infringement to be send onto the public internet. In all likelihood, the RIAA didn't intercept these packets- they recieved them directly. It was probably an agent of the RIAA offering the files for download in the first place, so he could monitor where the files were sent to.

I also don't see how a user can tell whether a file is in fact an illegal download

A user can make a good guess. Copyrights in the US last a virtually infinite time, and all materials are automatically copyrighted as soon as written, so the only reasonable defense would be to claim "I thought the author had posted it herself- promotional, like". And by keeping the flow of anti-"piracy" advertising going, the RIAA can ensure that everyone knows hit songs aren't legally distributed like that.

(The humorous angle here is that if someone is caught downloading an RIAA song, it was probably because an RIAA investigator was running the server. In that case, the provider actually was an agent of the author, and was allowed to distribute it... A bold defense attorney might try this out someday.)

If I download the file, find it's illegal and then delete it, have I broken the law?

Well, yes. A sane jury shouldn't convict you (anymore than an undercover cop can be convicted of heroine possession), but if your lawyers get financially overwhelmed, it can happen. More probably, that single offense will be used as cause for a search. If more than a few dozen apparently infringing files are found on all your data storage, they'll press charges (otherwise offering a 'mild' settlement).

The RIAA doesn't plan to really incarcerate every copyright violator- they just want to pillory enough examples to invoke justified paranoia in everyone else. So they'll prefer to save the prosecutions for cases that (at least in terms of amount of evidence) are slam-dunks: 100s of gigabytes of MP3s. They do not want to pursue a case weak enough that they might lose.

This matter shouldn't even get as far as the RIAA trying to figure out who the user is. If they get to that point, my rights have already been violated.

Assuming that in the future somebody routinely tries to identify the user, it would be much better all around if the police handled it. P2p copyright violation as are a minor offense, much less worse than a traffic violation, and not at all akin to theft. Rather than allowed the RIAA to start up it's own investigative work, cops could just serve some obviously infringing files and fire off $50 tickets to the people who download them. Just like a traffic fine, someone who challenges the fee in court can often get (but habitual offenders will be more strongly investigated). The angry tirades from parents afraid of higher fines for future violations will be a sufficient "chilling effect" to keep a lot of copyright infringement under control.

Conflicting interests

[gregmac]

This is actually the other article that I was basing my comment about AOL on in a previous /. thread [slashdot.org]. I will just repost a bit of what I said in that thread, because it is relevant to this too:

The industry is in turmoil right now anyways. The RIAA is bringing lawsuits to everyone they can. Then theres the media companies:

• Sony has their music division, which grosses something like $6 million/year. They also have Sony Electronics, which makes things like portable MP3 players, CD burners, etc. This division grosses $40 million/year.
• AOL Time Warner is another one. Time Warner has an entertainment divison, selling CDs, etc. AOL is an internet service provider, and obviously one of the reasons people use internet is for downloading music.

Does Sony really have an interest in killing off half the business for another division that makes 8 times as much money? Does AOLTW want to back the RIAA and push their subscribers away (which they will do if you can't download music on AOL)?

Re:Conflicting interests

[rela]

Does Sony really have an interest in killing off half the business for another division that makes 8 times as much money? Does AOLTW want to back the RIAA and push their subscribers away (which they will do if you can't download music on AOL)?

No, but until or unless the companies involved (RIAA members/AOL) feel it in their pocketbook, and feel it so acutely that NO ONE can dispute where it's coming from, they won't realize that. And if they play their cards right, they never will.

encrypted networks

[smd4985]

if the subpoena of IP addresses based on pure suspicion as supported by the DMCA holds, then media and/or ISPs will be powerless when p2p networks provide authenticated, encrypted services. freenet is already making strides in this area but i think it can be even better.

as much as they fight it, AOL/RIAA/whatever are only shooting themselves in the foot. embrace digital content as a viable content delivery mechanism or die....

Re:encrypted networks

[God! Awful 2]

as much as they fight it, AOL/RIAA/whatever are only shooting themselves in the foot. embrace digital content as a viable content delivery mechanism or die....

I find it funny when people phrase it as "do X or die" because then it sounds even more like extortion than it already is!

-a

Re:encrypted networks

[Minna Kirai]

No, two big problems with this theory:

• P2p networks have no obstacles to membership. And the traffic has to get decrypted on each end. Private detectives on RIAA payroll can join like anyone else, can provide zero-day copies of a few major albums, and can then log the destination address of everyone who requests a copy.
  True, systems like freenet can obfuscate data and conceal user's addresses from each other, so
• The RIAA will look for (and find!) ways to argue that freenet's primary purpose is as a copyright infringement device. They will get a researcher to sign up as users and construct a statistical analysis demonstrating that freenet's content is 10% MPAA movies, 20% BSA games, 30% RIAA music, and 40% porn. Then they'll have freenet nodes declared a DCMA circumvention device (or roll out other new laws if that fails), and start sending out a whole new wave of subpeonas.

PS. I suppose those statistics don't reflect freenet today. But if it becomes the successor to p2p swapping applications like Kazaa and Bearshare, then someday they will.

Economic Hit

[Poeir]

I'd like to put emphasis on this part of the article:
"And that's not surprising," says Oppenheim, "because everybody knew 512h allowed that. So you have to ask: Why would Verizon suddenly change their view? And, well, I have my answers. They've got an enormous base of infringers. Their view is there would be an economic hit if they started to allow this."

Isn't it widely held that the DMCA is intended to maintain revenue streams for the prosecutors in this case? So this case is essentially about whose revenue is more important: The RIAA components, or ISPs. Since I'm on Slashdot, you know which one I'd regard as more important.

Market darwinism in action

[kien]

Content-makers and content-distributors vie for control until they collide (e.g. AOL-TW, Sony) at which time they engage in fierce legal battles which garner headlines.

Meanwhile, their customers carry on performing "criminal" actions.

You don't have to be Jeffrey Friedl to match this pattern.

--K.

Re:Go-Go-Go

[kien]

The good news is that my post is relevant today.
The bad news that it might be criminal tomorrow.
Either way, go to sleep Thurog. :) We can't solve these problems tonight.

--K.

End of the Internet

[Mizery De Aria]

If the RIAA wins, wouldn't it cause the downfall of the Internet? Well, I mean, if the RIAA goes after everyone who downloads their music (rather than buying it, or even along with buying it-download to find new and interesting music, then buy), what will they do to them? Have them jailed for their actions? Okay, so the USA becomes a jail country, where 50%+ of its population is held hostage by the RIAA.

Obtaining of media will never be the same! It's been brought up many times in the past; to have video on demand. Well get on with the implementations already. Perhaps do such with audio as well, although this will probably have to be free since it can be obtained freely anyway. Perhaps, in regards to audio, add some quirks and then charge for them. In my opinion, 75%+ of the population of the U.S. ages 12-30 download their music instead of buying. Although, there probably are some accurate statistics already (anyone know where) which would be interesting to see. We need to stop trying to censor our technological advances, but rather develop upon them while allowing them to flourish.

Welcome!

[grub]

You've Got Warez!

Aaaaaah, sweet, sweet abuse....

[gnovos]

This, my friends, is what makes like worth living... I have just made a set of 26 "songs" that I have labeled A through Z... Now, When I see a link that contains letters, I fully suspect that it is being linked to stolen copies of my songs... I especially suspect this on personals and dating sites. Name and address please!

lawsuit crazy

[Xerxes of Zealot]

Wait...if they're going to try to sue to get IP addys why not just go for the gusto: Sue Microsoft for allowing it's operating system to run Kazaa and other "piracy" software. Don't forget about harddrive makers, after all without them we wouldn't have enough space to store those MP3s for very long. Oh hell, why not just go after the makers of computers in general? Without those damn computers the software to pirate music is useless.
Here's a better idea, dont charge goddamn $20 for a CD with 2 good songs on it and maybe we'd be willing to buy them a bit more often. Dont get me wrong support the artist, go see a concert or something. But $20 for a half hour of music? Thats insane. I'd be willing to pay about $12 for a CD, you can't tell me that you can't make a profit on $12 a CD. Maybe if the record companies fired a few lawyers they would realize that the problem comes from within.

RIAA taps AOL chatroom

[grub]

Welcome to: w4r3z_w4ld0

40L_h4x0r: g1bb0r m3 j00r ju4r3zzzz!
h4x0r_g0d: gn0, j00 g1bb0r m3 j0000r ju4r3zzz!!!
40L_h4x0r: J00 f4gg0rzzz!! G1BB0R M3 J002930mczxcfsdf lsd3 0 013
###CARRIER LOST
***40L_h4x0r has joined w4r3z-w4ld0
40L_h4x0r: where was I.. oh ya.. G1BBOT M3 J00R JU4R333ZZZZ F4GG000RRRRZZZZ!!!!

Now I see why the RIAA is so worried. Crime as organized as this is a threat to everything that keeps democracy flowing.

Two Things:

[idiotnot]

1. AOL doesn't want other agencies snooping into its network, because it'd make it easier to find out the other illegal stuff going on in there. Nice, wholesome kiddie pr0n, for example. The fewer eyes that aren't theirs, the better.

2. Yes, TW is in the music business. They don't have a good way, however, of preventing filesharing from happening. As others have poined out, the slow speeds within AOL itself are enough of a deterrant there -- where they ought to be concerned is in the TW broadband area.

So they're gonna cool their jets and see what happnes. Makes sense to me.

Novel solution to p2p woes.

[praksys]

What p2p software needs is a login procedure where a message is displayed that expressly forbids certain classes of individuals from using the network. The classes should be carefully defined so that no mention is made of protected groups (of course) and so that absolutely everyone is covered. Something like "You may not access this network unless your bodyweight is either more than 1000 pounds or less than 10 pounds" would do. Anyone who logs on would be violating the law by gaining unauthorized access to a network.

At this point the proposal probably doesn't seem very promising, but here is the advantage:

Presumably people who were planning to break the law by trading copyrighted material wouldn't be scared of by the warning, but on the other hand, if the RIAA came along with evidence that someone on this network had violated copyright then that alone would be evidence that the RIAA had violated the law, or encouraged someone else to do so.

Do filenames prove us guilty

[Anonymous Coward]

This just pop'd in to my mind about the whole filesharing issue...
Ok all they have are a list of filenames.
if a person have say 1000 zero-byte or whatever-byte sized files with filenames of whateversong.mp3.
Does having just a list of filenames provide enough evidence to use DMCA as a legal stance?
Does anyone know with some fair amount of detail what evidence the RIAA provided in court to provide some proof other than the list of filenames?

Maybe the kid had 666 files of porn and he renamed them so his parents wouldn't find out...ha ha ha

---
tkt

Report

[Malicious]

I say we report to the RIAA Officials that we've found Millions of Illegal MP3's on IP 127.0.0.1

See what happens.

What ever happened to the days when...

[djupedal]

...you could draft a mail to yourself on AOL, and then someone else, using your logon, could read it without it ever being sent (used to be a great way to spoof MCI)....attachments and all.

There must be 100rds o' ways to transfer files without having the spy filter kick in. Why is anyone really pained over this.

Re:What ever happened to the days when...

[Minna Kirai]

Avoiding spies by approaches like that is security through obscurity. It'll only work as long as too few people are doing it to make it worthwhile to hunt- and that's all the RIAA really needs.

Clever methods like that are labor intensive. They require a significant time investment both to perform the transfer, and more time for the sender and reciever to learn of each other in the first place.

The revolutionary aspect of Napster (and follow-on p2p applications) was that it made both those tasks trivially easy- less than 10 seconds of user time each.

It is these highly scaled, highly automated systems that the RIAA wants to target. And because they're automatic and repetitive, automated scanning software can easily observe them as well.

Ok, so...

[djupedal]

...why are we giving the RIAA such glow-in-the-dark targets. I won't get into details, but my point is that there are many ways to access, share and move data. I'm confident something as originally trivial as Napster could be made obscure just as easily. After all, radios channel hop as a security measure, and that kind of StO has been very reliable. Instead of bemoaning Napster, someone should simply go next gen.

Gentlemen/Ladies Start Your Honey Pots....& Re

[Anonymous Coward]

A modest proposal....

1. Write a little script/program to scan the top 5000 swapped files (got to beat the Verizon 666 guy)for filenames/file sizes.

2. Stock a honey pot system with random files of the appropriate file size and names (there is no law requireing you to label your files correctly...look at the **AA's spoofing efforts for examples), making your honey pot a big target.

3. Wait for them to come for you.....

4. Counter sue the socks off them & retire.

I am sure with the technical knowledge base of the /. community this could be expanded to be a major mine field for the **AA cartel....

Just a thought....

Er, how 'bout file-sharing with non-US buddies

[bluesangria]

Does the reach of the RIAA extend to, say, Europe, Asia, Australia, South America, etc.?? Last I heard, they had people over there who file share music also. Maybe I can just make sure I download from non-American owned IP blocks. Or better yet, it can be built into the next release of LimeWire, Kazaa, etc. (Check this box if you live in the U.S. and only wish to download from people outside U.S!)

This is very silly of them. I see a couple of problems if they do start attempting mass-enforcement

Try and subpeona someone outside the US.

Try and explain to average, white upper-middle-class parents that their "little angel" is a "criminal" and NOT have a bad publicity stink about it when parents complain of "needless harrassment".

Try and keep the egg off your face as people start to use proxies outside the US to reroute the download to their computer.

Am I missing something here?? I feel like we're being scared by the big, ominous shadow on the wall and missing the little dork casting the shadow with his hand.

blue

Seems to me...

[mgaiman]

If the ISPs are forced to give the information, it would be a good time for somebody to write a Kazaa client that used similar technology to that developed by Zero Knowledge back in the day.

Basically, it would go through a couple of intermediate servers that hid the IP addresses in such a way that nobody knew who you were anyway...

Then it would really suck to be the RIAA.

Conflict of interest...

[eniu!uine]

Like AOL, I seem to have a conflict of my own. I love freedom, don't want people watching me etc, but as my freedoms diminish, so does my retirement account grow. I think I'd rather die free than rich.

Will they include the sound...

[bobdotorg]

So in version 11 of AOL's software, after a few downloads can we expect to hear, "You've got busted" ?

Forgetting the big picture

[teeters]

This is the first sentence of the story, and not one of you yet has pointed out the breaking news that the media has finally unmasked once and for all what Kazaa really is:

"One day last summer, a person using Verizon to access the Internet logged on to Kazaa, a popular peer-to-peer music-swapping service, and started downloading MP3s."

AOL is just like that

[Powercntrl]

AOL used to have a tremendous problem with warez and porn trading. Since all of AOL's e-mail is handled server-side, you were able to have a ton of e-mails in your mailbox with attached files and just download what you wanted. People used VB programs that mass forwarded the e-mails with attached files, or allowed users to request a specific e-mail to be forwarded in the form of a chat bot server.

AOL first tried to close the rooms by presenting a dialog "[name of room] rooms are not available" instead of allowing you to enter a "banned" chatroom name. Obviously, people just started going to differently named rooms to trade warez and porn. AOL later employed a bot that would terminate your account if you entered a banned room. You'd think that would have worked but instead the warez kiddies started sending links to the banned chatrooms en masse to the general populus on AOL. AOL didn't get it right until they implemented Rate Limiting (which limits the amount of e-mails you can send in a given time), which finally was what killed warez trading on AOL.

AOL also had a problem in the past with users DOSing each other by sending instant messages that caused an overflow error in the AOL client software. AOL knew about the problem and didn't warn their users, nor did they even make any mention of it or the need for running an updated version of their client when they finally got around to fixing the problem.

During their whole battle with the warez kiddies, AOL never admitted on the record that they have a problem or what they're doing to fight it. Back when things were a little more exciting on AOL, sites like AOLWatch [aolwatch.org] were updated on a regular basis and were the only place you could find out the TRUTH about security breaches, dangerous exploits and how to prevent them, and policy changes at AOL.

One thing is certain, while AOL doesn't admit there's illegal activites taking place on their service, they certainly do (eventually) get around to dealing with them - usually with new restrictions placed on the features of the service. I wouldn't be surprised if AOL/TW/RoadRunner was looking at ways to block P2P use right now.

News broadcast....

[amberspry]

The RIAA last week closed down the last MP3 file trading service. A press release issued by the RIAA includes the statement, "If people want to listen music...they have to pay for it." The RIAA also stated "we now know people finally got the message."

In other news...

Since the closing of the MP34you network email usage has spiked, caused by a large increase of emails with unusually large attachment sizes. Storeowners also are witnessing a large number of their usual customers not coming back. "We don't know what happened," commented one storeowner. All of a sudden customers that have been shopping for years have just quit coming.

Sales of CDs have plummeted. There are an increasing number of message boards dedicated to boycott of tapes and CDs. People seem to be responding quite well to the whole idea. One message board user writes: "If the RIAA wants to play rough, then lets give it to them!" The RIAA has no comment.

IP addresses...

[Anonymous Coward]

How do you tie a certain person to an IP address? Right now I have 730 College Students all showing the same IP address when they go out on the web. Also, how do they know that someone else didn't break in my home, break laws, and then leave without me knowing. I figured that you had to be caught red handed or they have enough evidence to prove you were being a bad boy. An IP address isn't enough for me.

A question

[Pofy]

From article:

"One day last summer, a person using Verizon to access the Internet logged on to Kazaa, a popular peer-to-peer music-swapping service, and started downloading MP3s"

OK, I might not understand how those P2P system works but how can anyone determine if you DOWNload something with the exception of being the person that share what is being downloaded (and I doubt RIAA put out copyright protected work themselves)? I can see that you can find people sharing files, but downloading?

Which leads to the next question, do they actually download all the files they find that they believe are work they (or who the represent) holds copyright too? Or do they just go by file name? If so, how do they now it is not just a garbage file or containing something completely different than one might assume. If they download they must be one of the biggest downloaders out there and what happens if they download something they do not hold copyright to, do they report themselves? (doubt it :) ).

Why is this a surprise?

[EmagGeek]

Do you _really_ think that AOL is the least bit concerned with your privacy? Here we have THE largest media company on the planet, whose job it is to stuff as much advertising down your throat as it can, and sell your personal information to as many marketeers as it can. How else do you think they pay for the billions of CDs that they drop in every mailbox, shopping bag, and put on every store shelf on the face of the Earth?

Real Internet Providers have no vested interest in releasing their customers' private information. They're not in the marketing business, at least not directly. Nor are they in the business of enforcing the law. Companies like AOL think they ARE the law, and will have no problem rolling over on anyone who they think is eating into their media revenues. They have plenty of money for lawyers and politicians, mostly because stupid people are *STILL* willing to pay $22/mo for dialup access and/or pay by the hour (!?).

Besides the obvious reason that AOL is a media company and obviously wants file-sharing ended, they really have no reason or interest in protecting their customers' privacy and therefore aren't going to life a finger to protect that poor sap that the RIAA is going to make a huge public example of.

If I were that person, I would at the very least be arranging to obtain a passport and a one-way ticket to some country whose government hasn't been bought by the RIAA and other special interest groups with gobs of money and a Napoleonesque desire to take over the world.

Didn't someone say "Give me liberty or...

[Qinopio]

...give me death"? And then good old TJ said something to the effect of "He who would sacrifice his freedom for safety deserves neither". /me wonders how far this all will go...

Re:Didn't someone say "Give me liberty or...

[Anonymous Coward]

"Give me liberty or give me death" was Patrick Henry, and "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." was Ben Franklin, not Thomas Jefferson.

Patrick Henry, Slave Owner

[handy_vandal]

Patrick Henry said "Give me liberty or give me death" -- but he didn't say it to the slaves working his plantation.

"He concedes the evil, laments his entrapment in the system, suggests it will be abolished in the fullness of time, and declares that he will transmit to posterity, together with his slaves, a pity for their unhappy lot and an abhorrence of slavery. Henry was skilled at the politics of gesture and brave in defiance of convention, but on this issue -- the gravest and most fateful in our history -- [he followed] the common path of least resistance and left successor generations to sip the sorrow of his era's default."

The Political Legacy of Patrick Henry [redhill.org]

Re:complexities

[MacAndrew]

And that old rabble-rouser opposed ratifying the Constitution butterly. A very independent-minded guy.

The other example mentioned, Thomas Jefferson, is an even more complex character, given his shifting views aas he contributed far more material to our culture than Mr. Henry's one classic line. On slavery, he wrote, "I tremble for my country when I reflect that God is just." His relationship with Sally Hemings, still not entirely resolved, adds to the mix. (Speaking of complex icons, I felt a little sheepish when I realized the White House and Congress were built with slave labor. Of course.)

Metaphors are nice, but ... I'm not suggesting God is going to weigh in on copyright enforcement, and if anyone wants to dies over it, well, I'll be sure to read about it. To exaggerate the debate is to trivialize it. :)

Slaves: different cultures, different status

[handy_vandal]

Slaves weren't people under the American system of slavery: they were property, to be used as the property owner saw fit.

But that's not true of all slave systems throughout history. The laws of ancient Greece and Rome granted various rights to slaves. (A lucky slave might even save enough money to purchase his own freedom.)

Sparta was a particularly interesting case: slaves belonged to the State, and were only "on loan" to their current master.

Re:"Online Privacy"

[davidj0228]

Very true, deviant activity such as file-sharing is just like marijuana smoking, it supports terrorism.

Re:"Online Privacy"

[karlm]

Your source being....?

Most of the maintream news sources claimed that opium was a major source of funding for the Taliban. Usage may have been discouraged, but from what I hear, the Taliban activey encouraged opium poppy cultivation over food production. The poor farmers got about as much per acre for the poppies as they would have from foodstuffs, with the Taliban/warlords gtting the lion's share of the markup.

Of course, there is a good deal of US propaganda in there, but I'd like to hear your sources.

Re:"Online Privacy"

[Minna Kirai]

In 2002, the US DEA was quick to claim [state.gov] that opium was a prime source of Taliban funding.

But back in 2001, the US government gave the Taliban [chronogram.com] $43,000,000 dollars in exchange for destroying the opium crops that had previously supplied a major portion of their GNP.

(Never mind that "Transacting with the Taliban" had been illegal for US citizens since 1999 [fas.org]. I don't see any of Bush's administrators being arrested for helping the Taliban much more than John Lindh [cnn.com] ever did. It seems ignorance of the law is an excuse.)

Now that the Taliban has been deposed, the flow of Afganistan opium is starting to resume [cannabisnews.com].

Re:One question about this article

[DarkKnightRadick]

AOL not/having a stance IS news because it's AOL Time Warner. It's the largest ISP AND media company. It has a lot to lose on either side of the fence. If users knew their info was being given up on possibly trumped up charges of illegal file-sharing based on a non-judge issued subpeona then they lose most if not all of their customers who really care about their privacy. On the other hand they have to protect the interest of copyright holders they represent (e.g. RIAA and MPAA members. So while I can understand how one might think AOL not stating their position on way or another is just filler news, I also can't understand how one can comment without actually reading the 4 page article.

Personally I think, as a former AOhelL subscriber, that AOL's public non-stance speaks as loudly as if they had taken a stance one way or another on the Verizon case, which is the reason AOL has a non-stance in this article.

Re:Prejury Punishment from RIAA?

[God! Awful 2]

In my mind, this is not even an unclear issue. The Verizon ruling is going to stand and ISPs are going to be forced to reveal customer data. Realistically speaking, they ought to be monitoring their networks and issuing warnings pre-emptively.

Interesting how they can monitor their networks for spammers, VPN users, people running web servers, etc. but they choose not to monitor P2P. There is legal precedent for forcing industries that provide services that facilitate criminal activities to participate in the prevention and monitoring of said activities.

However, given that there have been some reports of false positives, the bot software needs some work. Clearly, rather than simply analyzing the name of the file, they also need to download the song and check that it is what it appears to be.

-a

Re:This could come in handy!

[God! Awful 2]

Wow, I could really use this. Find the IP of someone who pisses me off for some reason or another. Go get a subpeona claiming they have downloaded something of mine that is copyrighted, tada, have name and address, can now open can of whoop ass.

And get nailed for perjury?

-a

Re:What if?...

[Minna Kirai]

But, given all that, it never hooked onto who is using that card.

The Federal Department of Justice can obligate communications providers to install equipment to facilitate court-ordered investigations. Primarily, this has taken the form of telcos keeping their switches ready to trace or wiretap.

If enough ISPs start claiming "anonymous prepaid cardholder" as an explaination for failing to complete DCMA 512h requests, then the Feds will start to require them to use a Caller-Id function to log the phone numbers used for the dialup.

Soon enough, they'll track you down.