Censoring The Net With A Hotmail Account

Alex Bradbury writes "Members of the Bits of Freedom group conducted a test to see how much it would take for a service provider to take down a website hosting public domain material, and have published their results. They signed up with 10 providers and put online a work by Dutch author Multatuli, who died over 100 years ago. They stated that the work was in the public domain, and that it was written in 1871. They then set up a fake society to claim to be the copyright holders of the work. From a Hotmail address, they sent out complaints to all 10 of the providers. 7 out of 10 complied and removed the site, one within just 3 hours. Only one ISP actually pointed out that the copyright on the work expired many years ago. The conclusion of the investigation is definitely worth reading. The three providers who didn't take down the material are XS4ALL, UPC and Freeler. The company that came out the worst was iFast, who forwarded all the personal details of the site owner to the sender of the fake takedown notice without even being asked to do so."

Censorship, or just cautious commercial entities?

[Osrin]

I can either invest in lawyers to investigate every claim, or drop a few customers with an "ask no questions" policy.

Which is easier for the smaller ISP to administer and live by?

I'm not saying it's right, we're just in an odd climate around digital rights at the moment.

Re:It shouldn't be that easy

[Fulcrum of Evil]

I am amazed that an ISP wouldn't have some process in place to at least check the validity of a party making that request and check the validity of the copyright as well. It wouldn't take much to put such a process in place.,/p>

Why? It isn't as if they lave any liability.

Re:It shouldn't be that easy

[Rikus]

When you're too busy trying to avoid getting sued, you don't have time to check up on the minor details, like whether a claim is actually valid.

Re:Censorship, or just cautious commercial entitie

[erick99]

Put a simple process in place. When someone makes a copyright claim send them an email asking for written proof of who they are and evidence that they do have a legitimate copyright ownership. The party making the request should do all of the work, the burden is on them. They would then have to mail all of this, by certified mail, to the ISP. If the party making the request does all of this properly than a takedown decision can be made. A legitimate party with a legitimate claim should have no problem complying with such a request/process.

Cowards

[Space_Soldier]

This is very bad news. This means that ISPs are so afraid of litigation that they are willing to remove material at the first threat of copyright violations without cheking whether or not the material is copyrighted. Basically, they are willing to be bullied by any entity that claims copyright.

Well, you're exactly right

[mcc]

And this is exactly why law which holds service carriers such as ISP responsible for the actions of their owners is both invalid and dangerous. ISPs can't and shouldn't be expected to police their customers, and laws or copyright treaties such as the DMCA which place them into the position of having to do so must be changed...

Re:It shouldn't be that easy

[anthony_dipierro]

Which is why if you don't want your content being taken down, you shouldn't use a free hosting provider. Then, if they take your content down without doing some basic fact checking, they have to worry about a lawsuit from you.

Re:Censorship, or just cautious commercial entitie

[Anonymous Coward]

I can either invest in lawyers to investigate every claim, or drop a few customers with an "ask no questions" policy. Which is easier for the smaller ISP to administer and live by? I'm not saying it's right, we're just in an odd climate around digital rights at the moment.

Damn straight. I hope people understand enought to only place part of the blame on the ISPs here. The primary people to blame are those who are behind the insane copyright laws that have caused ISPs to legitimately fear massive fines, prolonged lawsuits, and even jail time for copyright violations.

The balance is tipped way too far on the side of copyright holders. Fair use has flown out the window, copyright is essentially limitless now, and appropriate penalties for these "crimes" have long since abandoned in favor of draconian measures designed to totally cripple anyone who steps out of line.

Yes it's unfortunate that more ISPs didn't do some basic investigation into the matter, but when you risk having your entire business shut down in the blink of an eye if you make a mistake in your research, what can you expect? For all they know a recent court ruling might have allowed a publisher to get the work back under copyright. With the way things are going these days, it's not that far fetched.

I'm not surprised . . . becuase we prosecute ISP's

[StateOfTheUnion]

I'm not surprised . . .ISP's have to protect themselves because they are being subject to subpoenas, injunctions, lawsuits for what they host . . . I think this is the root cause of the problem.

For example, if the public library was responsible and liable for all material that was copied on it's self service photocopy machine, then most libraries would probably ban use of the copier or manage and log its use very closely and be willing to share this information with anyone that threatens to sue the library. This would be done to protect the legally liable library. The library would be attempting to shield itself from liability by cooperating with those that were alledgedly infringed and by pointing the finger at the person that actually made the copies. Of course libraries are not liable, the person that uses the copier is liable. This is why photocopy machines are normally self service. This prevents the library from being legally liable.

Unfortunately the same doesn't seem to be true for ISP's. ISP's can be legally liable if they don't provide information about an alleged copyright violator or if they don't remove the allegedly copyrighted material from their servers in a timely fashion. It is unfortunate that even though the ISP may not knowingly endorse infringement or actively participate in the infringement, they could still be held liable (or at least named as an infringing party in an expensive lawsuit).

Unfortunately ISP's have not been afforded legal protection similar to that granted to libraries with respect to photocopiers. It is the system that attempts to hold ISP's liable that is the problem. ISP's are merely reacting to this and trying to protect themselves.

So much for innocent into proven guilty.

[Maestro4k]

This is just sad, ISPs are probably overwhelmed with takedown notices but failing to even check the page in question before disconnecting a customer is a bad move. Why? No matter how restrictive the TOS for an ISP may be, shutting down a customer's site without checking the validity of the complaint, or even the validity of rhe complainer (i.e. is this a real company/person/rights holder) is likely to leave them wide open to a breach of contract lawsuit. While the courts have their problems, I doubt a court would look kindly to this type of action in light of a contract for service. If this happened to a business it could really be bad for the ISP.

Tie this in with the RIAA/MPAA's apparent automatic search and send bots (that are programmed moronically to boot, a 30kb file's supposedly a movie?) and you also get the potential to take down large chunks of the web illegally. Just wait till the lowlifes out there start doing DoS's using bogus takedown letters instead of packets. Things will probably get mighty ugly.

Erroring on the side of safety

[LostCluster]

The current setup of copyright laws establishes that there's a steep penalty for not taking down a copyrighted work, but no penalty at all for wrongly taking down public domain work... No wonder the businesses involved reach for the trigger instead of stopping to think. Delaying when it's valid exposes them to risk, tripping over a false positive does not.

Re:It shouldn't be that easy

[spottedkangaroo]

It is really not up to the ISP to check the validity of anything. That is what court is for.

What they should do is simply leave the site up and refuse to give out any personal details until they receive a court order compelling them to take an action.

Re:I would say

[imemyself]

Not only should it be illegal, but the people from the ISPs should go to prison. Yeah, it might be easier and cheaper for the justice department to do away with all trials and just play jury/judge/executioner but that's not the way it works. The ISP should be required to actually investigate it and have real, solid evidence before they go and do something. On a sidenote, I wonder what we could "copyright" on the RIAA's site...

Texan-style!

[dougmc]

It only takes a Hotmail account to bring a website down, and freedom of speech stands no chance in front of the Texan-style private ISP justice.

Living in Texas, I'm not sure what constitutes `Texan-style private ISP justice'. Perhaps Sjoera Nas could explain?

Certainly, ISPs here have been known to overreact to complaints before (and the DMCA gives them specific guidelines that they *must* follow, no matte how unfounded the complaint is) but last I checked, this wasn't specific to Texas. But perhaps these Europeans know something about Texas that I do not ...

Re:It shouldn't be that easy

[StateOfTheUnion]

They do . . .

They wait for a complaint and then yank whatever was complained about off the server.

This is the cheapest way to handle alledged copyright violations. The people paying to have their material hosted are not going to pay extra to have a group of lawyers check their own material for copyright violations. If the ISP can't get the customer to pay for a team of lawyers to handle complaints of copyright violations then what is an ISP to do?

The problem isn't that the ISP knee-jerk responds to alledged copyright violations; the problem is that the legal system holds ISP's responsible for violations. the party held responsible should be the individual that placed copyrighted material on the internet.

Re:I'm not surprised . . . becuase we prosecute IS

[Maestro4k]

• For example, if the public library was responsible and liable for all material that was copied on it's self service photocopy machine, then most libraries would probably ban use of the copier or manage and log its use very closely and be willing to share this information with anyone that threatens to sue the library. This would be done to protect the legally liable library. The library would be attempting to shield itself from liability by cooperating with those that were alledgedly infringed and by pointing the finger at the person that actually made the copies. Of course libraries are not liable, the person that uses the copier is liable. This is why photocopy machines are normally self service. This prevents the library from being legally liable.

Bad example, and most copiers are self service because libraries can't afford to hire staff to do a job most people are capable of doing themselves. In this case the equivalent would be if someone reported to a library employee that some guy was copying an entire book on the copy machine and had been at it for hours. At this point the library would be responsible to check out the situation and stop the person if the allegation is true. However, if they get to the copier and the guy's actually copying notes from a friend instead of a copyrighted book the library should not unplug the copier and demand the guy leave. At that point it's clear the original report was bogus and the guy at the copier is not breaking any laws. Incidentally the library would be liable for the copyright violations if the failed to even investigate a reported abuse, just making the copiers self-service doesn't exempt them from that responsibility.

• Unfortunately the same doesn't seem to be true for ISP's. ISP's can be legally liable if they don't provide information about an alleged copyright violator or if they don't remove the allegedly copyrighted material from their servers in a timely fashion. It is unfortunate that even though the ISP may not knowingly endorse infringement or actively participate in the infringement, they could still be held liable (or at least named as an infringing party in an expensive lawsuit).

Actually the law requires them to pass along the takedown notice to their customer who's allegedly infringing, then to take the site down if the customer doesn't respond defending themselves. The ISP is most certainly not required to forward along personal details to the complaintant without a warrant, the RIAA has kindly established this for us by abusing the DMCA, that's why all their suits are now filed as John Doe suits. Secondly the ISP does have some responsibility to check the validity of the claim. Receiving an E-mail from a hotmail account should be a warning sign that something's not right in this case. When the site in question plainly lists the original copyright date (and why it's in the public domain now) the ISP opens itself up to a breach of contract lawsuit from their customer. Just because the DMCA says ISPs have to respond in a timely manner does not release them from other legal obligations!

• Unfortunately ISP's have not been afforded legal protection similar to that granted to libraries with respect to photocopiers. It is the system that attempts to hold ISP's liable that is the problem. ISP's are merely reacting to this and trying to protect themselves.

Actually it does, ISPs must respond to complaints filed properly (ISPs are allowed to list a DMCA contact address that MUST be used to file all complaints, the law allows them to ignore any complaints not sent to that address), must pass the info to the subscriber and must take down the site if the subscriber doesn't respond. If they do that they're fine, but in this case they seemed to do only the last part, after failing to do even the most basic of fact checks. ISPs aren't merely "trying to protect themselves", they're failing to uphold their subscriber agreements. Acting in this manner will not absolve them of their other legal obligations and can, especially in this case, open them up to lawsuits from the subscriber. That's not protecting yourself, that's just stupid.

Re:I would say

[Nicholas Evans]

You see, they have this little thing called 'Terms and Conditions' that hostings firms reserve the right to give you the boot at their discretion in...

Re:Texan-style!

[mallardtheduck]

I think most of us europeans have realised that your president is texan and therefore every new law under his term in office must be texan-style... Not neccissarily correct, but thats how some of my fellow europeans seem to think.

Re:It shouldn't be that easy

[tropicflite]

I don't think this is so much a story about censorship as a comment on people willingness to follow instructions without questioning them.

In a related story, did you know that you can get into any room of a hotel just by going to the front desk and telling them that you locked your key inside and giving them room number you want. No one's EVER asked me for ID for doing that.

Most people just accept the information presented to them as being factual.

Re:Well, you're exactly right

[Anonymous Coward]

Putting aside circular or specific contractual language involving enforcement...

If the customer is in violation of the ISP's AUP, that is a contract between the customer and ISP only. It should not be used as leverage by the government to go after the ISP. Ever.

It is up to the ISP to decide if they want to enforce their agreement/contract. Not yours, mine, or the government.

If the customer is doing something wrong, there is absolutely nothing stopping the copyright holder from going after the customer. They can subpoena the ISP as a witness or to gather records if avaialble, just like any other meatspace case.

I do not see any special reason why ISPs are held to a different standard here.

btw, this is not some unique internet issue; landlord and tenant laws have similar issues that seem to have been resolved well. You don't go after a landlord because the tenant downloaded an illegal copy of Doom4 while they were renting, nor do you expect the landlord to have to report this or kick out the tenant.

Re:I would say

[tverbeek]

The whole matter is a civil affair, not a criminal one. So why should the ISP go to jail?

One of the most problematic developments in copyright law has been the conversion from civil to criminal law. I'm a believer in the principle of copyright, but only as matter between individuals. If you make unauthorised copies of my comics, it's up to me to go after you (or not, at my discretion); it is not a crime against society or the state that should be subject to a trial of The People v. _______.

Until you vote

[iminplaya]

the people responsible for these kind of things out of office, this is the future you can expect.

Re:I would say

[aallan]

Why? What crime have they committed?

The ISP is based in the Netherlands, by handing out data about one of their subscribers without a court order they have violated EU data protection laws. That's a crimial offence...

Al.

Re:Cowards

[Anonymous Coward]

This is not just a problem with regards to copyright. Any widely disliked group of people will have a very hard time finding someone who is willing to host their (legitimate) services. Some years ago, boychat.org (a forum for pedophiles) was chased from ISP to ISP because "child advocates" called in with death threats to the ISP owners. Today they have stable hosting, but pay dearly for it too. There is nothing illegal or morally questionable with this site, it's just a bunch of people trying to help each other through life in a prejudiced and hateful society. At the time, it was a chilling experience to see how effectively a site could be taken down. So this story does not surprise me.

(As another display of the same kind of censoring, watch as my comment hits -1.)

Re:It shouldn't be that easy

[fucksl4shd0t]

I don't see how that's obstruction of justice. If the ISP requires you to follow due process, and you follow it, then there's no problem at all. You might be pissed they made you go through all that extra work only to have to do what you told them to, but you can't actually do anything about it.

Naturally, I'm not a lawyer, but my understanding is that obstruction of justice is a criminal charge that can only be brought in a criminal case where you have actually tried to prevent the court or the representative of the court (the prosecutor, investigators, etc) from acquiring evidence that materially affects the case.

The reason this doesn't apply in a civil suit is because a civil suit isn't about justice, it's about liability. Copyright is (was) a civil matter. Now copyright infringement is slowly being criminalized. I think it's because the war on drugs failed, so it's just another mechanism to make sure you can always put someone in jail for something.

Re:It shouldn't be that easy

[Jim Starx]

The person responcible is the person who put the content on the site. Holding ISPs responcible for what their customers do is like holding the post office responcible if you get a mail bomb. You should hold accountable the person responcible, not the easiest target.

Re:It's probably more about the terms of service

[catenos]

I don't think that being free really has much to do with it, although there could perhaps be a correlation. Probably what matters is the terms of service that you agree to. Even if you pay for the service, virtually all terms of service will contain a clause that states the provider can yank your access or hosting or whatever they provide on a whim at their own discretion.

Being free has to do a lot with it. While the ToS is there to indemnify against damages in case a site is taken down, the fact whether (or how much) a customer is paying for a service influences a lot how much time is spent on a complaint.

In other words, while the ToS allow them (at least theoretically) to take down the site at will, the difference in money is what decides how lightly they make use of that possibility.

Re:I would say

[Arker]

So, the only way to effectively survive in this type of enviroment is to assume if something looks legit, take the first steps and let the two third parties deal with it on their own

The problem here is that the bar for 'looks legit' here seems to be incredibly low. An email from a hotmail account making an allegation, with no evidence to back it up, 'looks legit?' I don't think so.

In such a situation I would think the minimum would be a certified letter with specific allegations, and some sort of evidence showing that the complainant does have a valid copyright, and the material in question does come under it. Anything less should be sent to the bitbucket.

Of course, there's another issue underneath this one - the ISP shouldn't be involved here at all, if there's a legitimate complaint the customer should be sued, and the only involvement with the ISP should be a court order to identify a particular customer. That's where the bad law issue is. But even with the bad law, the ISP shouldn't be jumping to cut off service to its customers based on unsubstantiated and undocumented allegations. I know they can't, realistically, go around making a decent investigation of every complaint - which is why they should simply bitbucket anything that doesn't come with some evidence - which the complaints in this case did not do.

Re:Can You Blame Them?

[mikefe]

If it cut into my business, I would immediately switch to another ISP and sue the origional ISP for damages if I could.

Why leave it up? Because if you don't you customer can sue you if it weren't for the TOS.

Why take it down? Because the "copyright holder" can sue you and you TOS can't help you there.

Re:It shouldn't be that easy

[Pofy]

>But thanks to the DMCA this is exactly what
>they're *not* going to do.

But thanks to reading the article, one realise it was in the Netherlands and that they will *not* care about the DMCA.

...And the result???

[Anonymous Coward]

...is just that they make anonymous email accounts illegal.

In response to such information TERRORISM, next thing we know it becomes a federal offense to open anybody an email account without first demanding a notarized photocopy of their drivers license. DMCA stands.

After all, that's as appropriate as most of the responses to 9-11 have been.