Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Piracy Privacy The Courts The Internet IT Technology

US Court of Appeals: An IP Address Isn't Enough To Identify a Pirate (techspot.com) 168

A judge has ruled that copyright trolls need more than just an IP address if they want to go after copyright infringement. An IP is not enough proof to tie a person to a crime. From a report: In a win for privacy advocates and pirates, the Ninth Circuit Court of Appeals ruled that an IP address alone is not enough to go after someone for alleged copyright infringement. They ruled that being the registered subscriber of an infringing IP address does not create a reasonable inference that the subscriber is also the infringer. The case began back in 2016 and has been playing out in the legal system ever since. The creators of the film "The Cobbler" alleged that Thomas Gonzales had illegally downloaded their movie and sued him for it. Gonzales was a Comcast subscriber and had set up his network with an open Wi-Fi access point. At some point, someone had used his network to download the movie and the film creators captured Gonzales's IP address. The judge stated that in order for a proper case, the copyright owners would need more than just an IP address.
This discussion has been archived. No new comments can be posted.

US Court of Appeals: An IP Address Isn't Enough To Identify a Pirate

Comments Filter:
  • Someone should tell lawyers what MAC addresses are.

    No, wait. Don't.

    • Someone should tell lawyers what MAC addresses are.

      Right, because it is impossible to change your MAC address /s

    • Re:MACs (Score:4, Informative)

      by bobbied ( 2522392 ) on Wednesday August 29, 2018 @09:54AM (#57217434)

      You figure that a MAC address is going to help ID the perp? Cute.

      Also, how about the fact that MAC addresses are not usually part of the Layer 3 conversation? Just one layer 3 device and poof, the MAC address is something different. MAC doesn't survive past Layer 2.

      • Re: MACs (Score:3, Interesting)

        by Anonymous Coward

        A little knowledge is a dangeous thing. You could have dozens of devices on a subnet all talking to each other (with Layer 3 information) ans they're all going to know each other's MAC and it wilk "survive". I think what you mean is: once a computer needs to talk outside of the subnet and sends packets to a router, the router will only preserve the IP and not the MAC of the sender. A router ties together subnets, but the MAC from everything relayed will be it's own.

      • Unless it is IP6 ...

        • Unless it is IP6 ...

          MAC addresses are not directly tied to IPv6 addresses except by convention and only in specific situations. IPv6 addresses don't always have the MAC address in them, it's just the easy rule of thumb for address assignments, but it isn't universal. Also MAC addresses are easily changed in software and hardware ones are not guaranteed to be unique. So it *might* be enough to track a device, or it may not.

          But it doesn't really matter.. The ISP is going to give up your name and address based on your IP Addr

          • I doubt you can change your MAC address on a phone or tablet.

            • I doubt you can change your MAC address on a phone or tablet.

              Like I said, the ISP is going to finger you as the owner of the IP in question, so you are getting sued in this hypothetical. I'm just saying that your MAC address doesn't matter and doesn't uniquely ID your device in all cases.

    • Re:MACs (Score:5, Informative)

      by guruevi ( 827432 ) on Wednesday August 29, 2018 @09:57AM (#57217470)

      If you ever buy a Khadas VIM or other Chinese-originated device (which are often set up as “torrent media centers”) they all share the same MAC address. Why: because the chipmakers didn’t want to shell out for a block of MAC addresses.

      MAC addresses are only supposed to be unique on a single network. It’s not unheard of that smaller companies re-use MAC addresses in switches and other networking devices and simply make sure they don’t get sent out to the same customer or area of the country/world.

      • You can also set the MAC address to whatever you want. The card will have one burned on it that the computer can read and use, but the packets are built completely on the computer, so it's possible to set the MAC address to anything in software. C0FFEE15600d is valid.

      • Actually sometimes it's also they don't want to burn a different number for each part. That costs money, especially for dirt-cheap products.
  • But (Score:5, Funny)

    by meglon ( 1001833 ) on Wednesday August 29, 2018 @09:47AM (#57217346)
    ... who ever did download and watch it has already been punished enough.
    • yeah. what a horrible movie. I'll never get that time back.
    • Fair enough, but I don't think it makes sense to suggest the filmakers are "copyright trolls", which the summary, as written, suggests.

      • by meglon ( 1001833 )
        If you do a little research on the company, it's pretty much exactly what they are....they're not movie producers or a studio, they're lawyers that sue people hoping people will settle instead of taking it to court. That would be a copyright troll.
  • This one was obvious (Score:5, Interesting)

    by fred6666 ( 4718031 ) on Wednesday August 29, 2018 @09:47AM (#57217354)

    Because of the open WiFi.
    But what about a regular household with many different users including minors and a WPA2 protected network? Who are they going to sue?
    Is it really reasonable to sue the account owner in such a case? Should the account owner have to keep internal logs in order to identify which kid did the copyright violation?

    • Unless your kids are adults with money, they are coming after you anyway.

      • by CrimsonAvenger ( 580665 ) on Wednesday August 29, 2018 @10:00AM (#57217512)

        Unless your kids are adults with money, they are coming after you anyway.

        Unless your kids are adults, you're pretty much legally liable for what they do anyways. Yes, if your kid throws a rock through the neighbor's front window, YOU are going to be on the hook for repair costs....

        • OK still, let say we are only 2 adults in the house. Which one gets sued if my IP address got caught? Oh, and I also gave my WiFi password to friends and relatives.

          • Until now you'd be held liable if you are the person paying for the internet connection. Now, if this ruling stands, I'm not so sure they can come after you without some other kind of evidence, especially if there is an open WiFi network involved.

            Something tells me though, that this precedent won't stand. This is a civil court, all they need show is that it was likely you, which is much lower than the "beyond reasonable doubt" threshold used in criminal courts.

            • by tlhIngan ( 30335 )

              This is a civil court, all they need show is that it was likely you, which is much lower than the "beyond reasonable doubt" threshold used in criminal courts.

              Yeah, they need to show it's you. But if could be your friend, too.

              You see, an IPv4 address only identifies a connection. The person could've been wired to the router, or wireless. The person could live at the house, or be a transient.

              What's likely going to happen is a mass rollout of IPv6, where only the prefix now identifies the connection and you c

              • where only the prefix now identifies the connection and you can start monitoring individual IP addresses (all of which point to a device), so you can narrow down to which device downloaded the file, and from there figure out the likely person.

                How so? You won't be allowed to share a computer under that scheme?

              • by sjames ( 1099 )

                Except they don't. IP privacy, for example causes the host to choose rendon non-conflicting addresses in the prefix and changes them frequently. Also, it's easy to pick any IP you want within a prefix. For example, wait till the homeowner goes to work, then set your laptop to use the autoconfigured address of their laptop.

                Others use NAT on v6 anyway, mostly because they really don't know how v6 is supposed to work and NAT is "secure".

            • by sjames ( 1099 )

              They would need to show that it is MORE likely you than someone else.

              Note that there are now fairly easy ways to crack WPA2 passwords.

              • They would need to show that it is MORE likely you than someone else.

                If there are two adults in the household, isn't it equally likely that it is any of them? Or are they going to look at the content and be sexist and say that show XYZ must have been downloaded by a man?

                • by sjames ( 1099 )

                  Throw in the possibility that it is someone leeching the WiFi and you have less than a 50% chance of guessing right. And so, IP is not sufficient to identify a "pirate".

        • by Mashiki ( 184564 )

          Unless your kids are adults, you're pretty much legally liable for what they do anyways. Yes, if your kid throws a rock through the neighbor's front window, YOU are going to be on the hook for repair costs....

          Depends on how old the kid is. Has mens rea kicked in? If so, then it starts moving away from parental responsibility to individual responsibility.

      • by sjames ( 1099 )

        It might also be somebody else's kids.

    • by T.E.D. ( 34228 )

      Because of the open WiFi. But what about a regular household with many different users including minors and a WPA2 protected network?

      This is why, for your own legal protection, you should always leave your WiFi open.

  • IP (Score:4, Funny)

    by Oswald McWeany ( 2428506 ) on Wednesday August 29, 2018 @09:48AM (#57217362)

    An IP isn't enough to identify a pirate?

    An "I" Patch?

  • I expect the various copyright groups will now begin lobbying for a law requiring ISPs to use the device cameras to take a photo of whoever is at the terminal before allowing any sizeable file to be downloaded. Or perhaps just continuous video surveillance while you're connected to the ISP. As we've seen many times, anything that provides plausible deniability to copyright infringement becomes a major target of legislation by the major content providers.
    • I expect the various copyright groups will now begin lobbying for a law requiring ISPs to use the device cameras to take a photo of whoever is at the terminal before allowing any sizeable file to be downloaded. Or perhaps just continuous video surveillance while you're connected to the ISP. As we've seen many times, anything that provides plausible deniability to copyright infringement becomes a major target of legislation by the major content providers.

      No, easier - expect the ISPs (many of whom are also cable providers and copyright holders) to start inserting a line in the ToS that the subscriber accepts all liability for any acts of infringement on their internal network, regardless of whether it's a third party using their open WiFi.

      • criminal liability does not work that way and the ISP will need to prove that it's logs are good and based on there cap meters that are off that can be used in court to say that there logs are not usable in court.

        • criminal liability does not work that way and the ISP will need to prove that it's logs are good and based on there cap meters that are off that can be used in court to say that there logs are not usable in court.

          I never mentioned criminal liability, and this case was not about criminal liability, but civil liability for copyright infringement. Civil liability most certainly can work that way.
          And yes, the ISP will need to prove that its logs are good that this subscriber had that IP address at said time, but that's not hard at all - in fact, it's a necessary function of being a service provider: you can't receive packets if the ISP has the wrong address for you. It's like the phone company sending calls to a differ

          • Well poor logs of Cap metering is an reasonable doubt issue more so in an criminal setting.

            • Well poor logs of Cap metering is an reasonable doubt issue more so in an criminal setting.

              In civil litigation, the standard is "more likely than not", not "beyond a reasonable doubt."
              And ISPs can certainly show that your modem had a certain IP and received packets to that IP. Otherwise, they wouldn't be ISPs.

  • The MPAA / RIAA already know this and they know litigation ( especially beyond this ruling ) is likely going to cost them more than they're going to bring in.
    Thus, my guess as to why they want to shift the burden onto the ISP's to play Copyright Cop.

    Why waste your money and time when you can waste someone else's money and time instead ?

    Having said that, however, are the ISP's going to follow the same rules about an IP address != a subscriber before throttling or disconnecting your service completely when th

  • I don't care if they guy did download the film, he's suffered enough. Hell, he should sue _them_.
  • This is similar to just because you were at a store when it was robbed, doesn't mean you robbed it. Also, given the metaphor it you wouldn't expect the store to go after you to recoup some of the loss because you were there and might have been involved.

    Now if you want to make the case that I was complicit because I didn't stop it; well then why didn't the ISP stop it, why didn't the backbone providers stop it, why didn't the other guy(s) ISP stop it.

    No, the real problem is that content holders have the exp

  • Was this the case of torrenting or streaming?

  • This is a good ruling, but don't rely on that alone to protect your privacy. Use TOR and/or a VPN.

  • position it strategically so that it covers any gaps that you may have a use for, set it open, rate limit it.
  • Taking control of the webcam whilst the ones and zeroes are being downloaded?

Technology is dominated by those who manage what they do not understand.

Working...