Slashdot Log In
Judge Excludes 3 "John Does" From RIAA Subpoena
Posted by
kdawson
on Tue Nov 25, 2008 05:43 AM
from the sue-doe-actions dept.
from the sue-doe-actions dept.
NewYorkCountryLawyer writes "In one of the RIAA's 'John Doe' cases targeting Boston University students, after the University wrote to the Court saying that it could not identify three of the John Does 'to a reasonable degree of technical certainty,' Judge Nancy Gertner deemed the University's letter a 'motion to quash,' and granted it, quashing the subpoena as to those defendants. In the very brief docket entry (PDF) containing her decision, she noted that 'compliance with the subpoena as to the IP addresses represented by these Defendants would expose innocent parties to intrusive discovery.' There is an important lesson to be learned from this ruling: if the IT departments of the colleges and universities targeted by the RIAA would be honest, and explain to the Courts the problems with the identification and other technical issues, there is a good chance the subpoenas will be vacated. Certainly, there is now a judicial precedent for that principle. One commentator asks whether this holding 'represents the death knell to some, if not all, of the RIAA's efforts to use American university staff as copyright cops.'"
Related Stories
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
It's obvious that what we need is... (Score:5, Funny)
...a new law requiring better IP tracking built into all new routers and laptops.
Re:It's obvious that what we need is... (Score:5, Insightful)
Sad but true. just leaving the problem that I can change my mac address and even with username/pass systems pilfering a login/pass from a com girl or arts student in my uni would be childsplay
Parent
Re:It's obvious that what we need is... (Score:4, Interesting)
Sad but true. just leaving the problem that I can change my mac address and even with username/pass systems pilfering a login/pass from a com girl or arts student in my uni would be childsplay
I would like to see more discussion on that actually. I understand that anonymity is sort of the thing that makes the internet great.
Is having a static home address (123 Cherry Lane) preventing anonymity in the real world? Is that a valid comparison?
It seems like the point above could/should be a concern to an average user, retaining your identity?
Parent
Re:It's obvious that what we need is... (Score:5, Interesting)
I would like to see more discussion on that actually. I understand that anonymity is sort of the thing that makes the internet great.
I'm not so sure that total anonymity is such a great thing. It allows too many cretins to make personal attacks on people, essentially convicting someone of a perceived crime, when none may have occurred. Certainly, those who have been the victims would agree.
Is having a static home address (123 Cherry Lane) preventing anonymity in the real world? Is that a valid comparison?
When you realize that your home can be seen by anyone via Google Earth or similar service, it does call into question how private is your life. Of course, the view is not real time, but it is a snapshot and who knows what was happening that day? I think a closer comparison might be your landline telephone. It's not completely anonymous, can be traced to an physical address in most cases and there are laws that disallow the use of the phone for certain things such as uttering threats or causing a fraud to be perpetrated.
I am in no way condoning the actions of the RIAA, but until the failed business model they were assigned to protect is gone, they have the right to stop the unfettered sharing of copyrighted materials. Just like a trace that can be put on a landline phone, and the identity of the phone subscriber found, the RIAA has an obligation to its client to find out who is causing the client to lose revenue and changing one's MAC or IP address may seem like a cool way to beat it, but the law may not be on your side at this time.
Having said all of that, one has to ask how much longer the recording industry will continue this folly.
Parent
Re: (Score:3, Funny)
"Is having a static home address (123 Cherry Lane) preventing anonymity in the real world?"
As long as you are not required to display it on yourself everywhere you go, no.
"Is that a valid comparison?"
Maybe, changing the MAC address of your computer to someone's else (or spoofing an IP address) to do something wrong is similiar to yelling "I am " to the police while running away from the police.
"It seems like the point above could/should be a concern to an average user, retaining your identity?"
Absolutely, b
Re: (Score:3, Insightful)
Re:It's obvious that what we need is... (Score:5, Insightful)
How can you be "impeding the investigation" if you took these measures before any such investigation existed? It would be one thing to destroy evidence after being issued a subpoena but I'm not aware of any law that requires IT departments to retain logs of IP assignments.......
Parent
Re: (Score:3, Insightful)
Re: (Score:3)
Re: (Score:3, Interesting)
Re: (Score:3, Interesting)
Then I suppose you have to decide what's more important -- having the ability to track people down for other purposes or preventing your shop from being used as RIAA's evidence gathering team.
Re: (Score:3, Funny)
Well, gosh, when you spin it that way, who'd let themselves be used?!
Besides, it's not about gathering evidence. The RIAA and their investigative agencies do that. Universities just provide a name.
Re:It's obvious that what we need is... (Score:5, Insightful)
Well, gosh, when you spin it that way, who'd let themselves be used?!
Eh, I wasn't spinning, that's how I really see it. My job as an IT person is to make sure that the network is functional for my users. My job isn't to help RIAA build a case that will be used to bankrupt one of my users based on some thin argument like "making available". Not having logs of IP assignments (or keeping those logs for very short periods of time) isn't going to be a huge hindrance to me -- so I choose not to keep them in my shop.
The RIAA and their unlicensed investigative agencies do that
Fixed that for you :)
Parent
Re:It's obvious that what we need is... (Score:4, Insightful)
The latter is far more likely than the former to have the desired effect. It seems to me that downloading whatever you want has been proven repeatedly to be used by the RIAA to justify their tactics.
Oh, I wasn't downloading whatever I want to make a point to RIAA. I was downloading whatever I want because it was free. I think most people would acknowledge on some level that it's wrong to do that -- what I would dispute is that the person who engages in file-sharing deserves to be punished more harshly than the person who shoplifts a CD.
If somebody got a $222,000 fine for shoplifting a $20 CD I'm fairly certain that it would cause public outrage and probably be ruled unconstitutional. Funny RIAA uses the civil system to accomplish what the criminal system would acknowledge as being completely disproportional to the "crime" that was committed......
Personally, I hope they all burn in hell.
Parent
There's another clear lesson here (Score:5, Insightful)
We can hope... (Score:5, Interesting)
The suddenoutbreakofcommonsense shown on this small scale is coming too late, I fear. Because even now, ISPs are caving to big media. Phorm worms its way through many UK ISPs, apparently undiminished. A consortium of service providers have agreed to keep tabs on the situation for the record insdustry, amongst others, and send out warning letters to infringers. Usenet has been all but dropped from the roster of ISP services.
Unlike the naysayers, I always believed that the internet would remain free. After all, ISPs have always been protected as carriers, just like the postal service - and the postal service is not subject to search and seizure without due process. Nobody can open my private mail (unless it crosses borders) and check for pirated DVDs, without a really good reason to suspect that I'm pirating DVDs.
But I was wrong, and stupid, and for once in my damn life, too optimistic.
Because for every smart call like the one above, there are ten stories of companies we need to be able to trust voluntarily caving to pressure. It's too damn late.
Re:We can hope... (Score:4, Interesting)
Parent
Re: (Score:3, Insightful)
Universities still need to police their networks (Score:5, Insightful)
In 2001, my alma mater had 2 45mbps lines for the university and they were consistently hammered by the students doing file sharing. It got to the point that some people in the CS department joked that banging out packets across tin-cans-on-strings would be faster than using the campus network when classes were generally over for the day.
Then, the university instituted packet shapers across the network and it got usable again. Usable to the point where I didn't feel like I was on a 14.4k modem again.
If you want to bootleg content, then pay for your own connection.
Re:Universities still need to police their network (Score:5, Informative)
Isn't that what I'm did by paying the obscene "technology fee"? What ELSE is that 1224$ going toward?
Is it hookers? Hookers and blow? You can tell me the truth. I won't be half as mad if you tell me it's hookers and blow.
Parent
If you're paying $1224, you're getting shafted (Score:3, Informative)
We paid $125/semester. Granted, our school also didn't feel the need to keep up with the Jones WRT bandwidth.
Re:Universities still need to police their network (Score:4, Informative)
If you want to bootleg content, then pay for your own connection.
I have to disagree with your final point; in almost any University environment the students ARE paying for their connections one way or another. The terms under which they can use it, however, are usually a bit more restrictive that your standard ISP.
Parent
Re:Universities still need to police their network (Score:5, Informative)
Parent
Re:Universities still need to MANAGE their network (Score:4, Interesting)
Policing the network requires a mindset which assumes the students will do bad things and the administration is determined to catch and punish accused systems perpetrators.
Managing the network, as your example shows, is the proper implementation of policies and configurations which allow the University community to effectively perform their work.
Managing the network is more effective and provides a more collegial atmosphere.
In my CS Department, all the information which could be used by the RIAA to track student usage of systems is NOT logged. Attempts to obtain unauthorized access are logged; but not successful authorized access. [All you security types can take your immediate objections and stuff them in your policy orifice.]
Parent
spoof::poof (Score:5, Insightful)
The RIAA could demand some draconian cerberos system, but I doubt that rendering large campus networks unusable will garner them any support from the already annoyed campus IT admins. Anyway, much like the AV companies vs virus-writers, this battle is an entirely defensive one.
It's nice to see something logical leaking out of the judicial system, however.
Death Knell? (Score:5, Interesting)
Re:Death Knell? (Score:4, Insightful)
Depends how you define "the year of linux on the desktop", doesn't it?
The fastest growing segment of the PC market, netbooks, are split between Windows XP and linux. That, along with reaching mature status on important projects like web browsers, office software, media players, and Instant Messagers, is slowly making linux a viable alternative to Windows, as the netbook market is showing.
Similarly, depends how you define "death knell". I don't think any one of these bad things is going to spell the end of the RIAA crusade against their customers. I do think, however, that the slow build-up of legal ways to avoid being attacked will make their crusade more effort than it's worth. They'll go from being able to sue 3000 people in a single lawsuit to having to focus on a few, then maybe one. At that point, it's not economical to sue potential customers anymore, and they'll just have to figure out ways to make money instead.
Parent
Re:Death Knell? (Score:4, Informative)
BSD (cousin to Linux?)
It's pretty hard to class OS X as related to Linux. OS X is UNIX, with code from AT&T UNIX via 4BSD and later via FreeBSD and code from CMU Mach. It is UNIX(tm), as it has passed certification by The Open Group.
Linux is a clone of UNIX, shares no code with UNIX (except a few small bits taken from BSD, mostly headers), and is not certified as UNIX(tm).
Parent
Re: (Score:3, Funny)
Don't worry, the release of Duke Nukem 4ever will be the death knell for the RIAA and the year of Linux on the desktop!
And ponies. Can't forget the ponies.
Re:Death Knell? (Score:4, Informative)
Isn't every one of these stories tagged as being the death knell for the RIAA? Don't get me wrong, I'm always glad to see the RIAA losing in these types of cases, but 'death knell for the RIAA' is getting to be 'Year for Linux on the Desktop'.
Well look at it this way. If this case stands for the principle that no John Doe information can be divulged unless the ISP can identify the "alleged infringer" to a "reasonable degree of technical certainty", and that principle is followed by other courts.... very few, if any, "alleged infringers", will ever be identified.
Parent
Don't get carried away (Score:4, Interesting)
Via other legislation, it looks like colleges and universities in the US are going to be expected to take active steps - training and education, and likely technical as well - to curb piracy or else risk losing federal funding. It's part of the "Higher Education Opportunity Act". They're now in the "rulemaking" phase, but I find it hard to believe that the Department of Education is going to be particularly accommodating, and I'm not confident that the new administration will be substantially better than the old on this issue. I think this case is going to give the RIAA/MPAA and their allies in congress something to point at to say "See! We need more protection".
If we're required to do blocking and monitoring, the BU defense won't hold, because we'll have the data. At this point, the biggest factor is the delay. If you're a university buying service through a provider, and the letter goes to them first, it takes at least a week, often more, to get to you. By that point, there's usually not even any reason to look for the torrent they're complaining about.
Re:Don't get carried away (Score:5, Insightful)
If we're required to do blocking and monitoring, the BU defense won't hold, because we'll have the data.
I wonder what kind of ridiculous fine structure or penalties there will be for not logging what you monitor?
How about a well documented disk failure event on the file system containing all the logs? "Sorry, Your Honor, we logged everything, and then the disk failed."
Are we going to be legislated into complete backup strategies? I doubt it.
I think the Senate/Obama stance is that bad business models can be allowed to fail (See GM, Ford, Chryseler). It that holds true, the business model of the RIAA/Big 4, which was a sinking ship before Sep08, will certainly have some scrutiny before legislation. Couple that with overwhelming projections of a poor buying season, and I can't see how the RIAA has much of a leg to stand on here.
Parent
Slashdot Article #921431008 supporting piracy (Score:5, Insightful)
Of course, it would be so very socially awkward to point out that virtually all policies slashdot have supported so far amount to in effect a regressive wealth transfer from the poor to the wealthy, where the poor who are for whatever reason unable to use a p2p service and thus purchase CDs subsidize the entertainment of those who otherwise generally can afford it. Oh no. Pointing out such things is just not cool.
Re:Slashdot Article #921431008 supporting piracy (Score:5, Informative)
I'm still waiting for slashdot article #1 where somebody presents a decent and fair plan that both acknowledges new technologies and the possibilities that they bring AND the rights of the rightsholders to be fairly compensated and to reasonably punish/recover from wrongdoers.
Sorry bud, but it ain't gonna happen. The "rightsholders" are the labels - this is only one of many reforms that need to be made. The recording artists should own copyright; they should NOT be "works for hire".
Copyright lengths need to be brought back down to sane levels. I should NOT have to pay for a Jimi Hendrix download.
Copyrights need to be registered again. Automatic granting of copyright is madness.
Out of print works should not be covered by copyright.
it would be so very socially awkward to point out that virtually all policies slashdot have supported so far amount to in effect a regressive wealth transfer from the poor to the wealthy
I don't know where you got the idea that Sony-BMI executives (who actually own the copyrights) are poor and the downloaders are wealthy.
I suggest you read Lawrence Lessig's Free Culture [free-culture.cc]. The following quote is abridged:
The fact is, the labels are on the wrong side of history. Independant (non-RIAA) artists have learned to use the internet to their advantage. The RIAA wants to use copyright law to kill the independant competetion, who use Lessig's "D" as a means of promotion.
It isn't about music lovers "stealing" music -- study after study shows that "pirates" spend more money on music than non-pirates. It's about squashing competetion. The RIAA has radio, the indies have P2P, so the RIAA wants to kill P2P.
Nobody outside the industry who understands the situation is on the RIAA's side.
Parent
Re:Slashdot Article #921431008 supporting piracy (Score:5, Interesting)
If you have a solution that is a decent and fair plan that both acknowledges new technologies and the possibilities that they bring AND the rights of the rightholders to be fairly compensated and to reasonably punish/recover from wrongdoers, I for one would be interested in hearing it.
Here's the thing about copyright in the digital age. For software, music, videos, the marginal (per additional copy) cost is zero. Now, given that it takes no effort to copy it, and anybody can do it in his own home (or his parents' I suppose), how can you realistically stop that, without invading everyone's privacy? How can you even really know that they're doing it? Same thing with downloading it: the only way to know is to invade the privacy of the people by monitoring all their transfers. And even then, it's an imperfect system. How do you know what they have the right to down/upload? How do you deal with authorization? What about false positives? False negatives?
Also, your argument about how it's a regressive wealth transfer from the poor to the wealthy is a bit off-track. If the government(s) imposed a tax on everyone that was used to compensate artists for the creation, it will most likely be nowhere near as draconian as you make it seem. It's not like the government will charge a flat tax on everyone. Presumably, like other "progressive" taxes, it will be charged at a percentage, based on your ability to pay. Thus rich people will pay more and poor people will pay less. There will most likely be a group who pays nothing into this at all, like with income tax. Also, is it really a transfer to the wealthy? I know when you think of artists, you imagine the pop sensation of the day who has millions and millions of dollars, but there are still lots of "starving artists" out there.
You're making the issue too emotionally charged by using terms like "regressive wealth transfer from the poor to the wealthy", which a lot of people emotionally oppose. But it's not really like that.
Parent
Re:Slashdot Article #921431008 supporting piracy (Score:4, Insightful)
Parent
Re:Slashdot Article #921431008 supporting piracy (Score:4, Insightful)
AND the rights of the rightsholders to be fairly compensated and to reasonably punish/recover from wrongdoers*.
In the US, where the article takes place, there is no right for writers/artists/developers to be "fairly" compensated**. None whatsoever. In fact, it is quite the opposite: it is our right to share culture freely. The purpose of copyright, as described by the US constitution, is meant to serve the public by encouraging the growth of the public domain. The public temporarily waives their natural rights to freely share their culture in order to encourage writers/artists/developers to write/sing/develop. Before the digital age, this was a right individual people couldn't even exercise in the first place, so they were getting a real bargain out of it.
The problem is that the temporary part is gone. Copyright terms are way too long, longer than human lifetimes. We really should be legally allowed to freely share everything from (at least) the 80's and before. All these works should be in the public domain by now. This is why you might see this slant on /., because copyright is way out of balance and unconstitutional. It needs to serve the public again. I bet you will find that many, if not most, works on P2P networks would be legal to share if we had reasonable copyright terms.
* As a side note, you said "wrongdoers" to describe people breaking laws. Please don't mix up right/wrong with legal/illegal. These are completely unrelated.
** In other countries authors may actually have rights that don't exist in the US. For example, in the UK there are a set of non-transferable "moral rights" for authors. Since I live in the US I don't have to worry much about this, though.
Parent
Re: (Score:3, Insightful)
Really? Even if they used it without your knowledge?
That's like saying that if I let my mates take my car and they go commit a crime with it (say a hit and run), I should be punished for it.
I wouldn't be classified as an accessory to their hit-and-run, so why should I be an accessory to their copyright infringement if I let them use my connection?
Re: (Score:3, Funny)
Protip: In most places you would be charged as an accessory in that case. Unless you can prove they stole it. At the very least you could get charged with negligence.
This is flat out bullshit. Criminally, It doesn't matter if the car was stolen or borrowed.
This analogy is bad, because it's relatively simple to determine who the operator of the car is (spoofing cars is really hard), where it is not so easy to peer through the ether and see who using a PC, or even if that PC is the one you think it is.
Re:Odd (Score:5, Informative)
Parent
Re:Odd (Score:5, Insightful)
Most of my neighbours have wireless.
I could crack into them in minutes and download.
Are they supposed to be security experts now?
What about when WPA gets cracked? even the ones with a little knowhow will be open for a time.
If someone breaks into your house and commits mail fraud while you're away are you guilty because your door wasn't strong enough to keep them out?
"accessory to their infringement" is bullshit
Parent
Re:Odd (Score:5, Insightful)
You bring up something that I think about somewhat often.
On the one hand, the Internet is incredibly useful and provides so much information and entertainment which I believe everyone SHOULD be able to access. It would be a huge loss to society, imo, for people lose this.
On the other hand, computers are complex. Networks are a complex part of computers. Security is a yet more complex part of computer networks. These are things that people spend years learning about and are constantly learning more about, yet here we are encouraging average, untrained people to stick computers which they are basically system administrators for on the largest, most complex, and hardest to secure network in the world? How much sense does that make?
Parent
The (stupid) response to this is ... (Score:3, Insightful)
The sinister "three strike law" pushed by Sarkonazy and his subordinates creates a new category of "crime", that of "not securing properly one's connection", I shit you not. That way you can't use the defense of having been infected by a virus or having your router hax0red, it's your fault, you should have been a master sysadmin.
Nevermind that megacorporations themselves can't be fucked to secure all their systems, you, Joe SixPC, are supposed to one up PCI/DSS or FIPS whatever, or you can't be allowed to t
Re:Odd (Score:4, Insightful)
How do IPs not specify identity?
They just don't.
Sure, you can build a system with multiple paths of registration and logging and authentication, but a majority of those processes can be spoofed or socially engineered.
If you came up to me with a subpoena asking who had IP address 192.168.1.X on this day at this time, even if I still had the logs on my DHCP server, it would take a significant amount of forensics (IE, an audit of every laptop my friends or neighbors own) to determine who the culprit was.
Parent
Re:Odd (Score:4, Insightful)
How do you "audit" to find out what a MAC address was temporarily set to?
DHCP logs only get you from IP to MAC, they don't tell you anything about what that MAC is being used by.
Parent
Re: (Score:3, Interesting)
Doubtful. The president/executive branch has very little influence on the lower courts. They weigh in on matters that will directly affect them, such as national security, but file sharing tends to be pretty low on the list of important things to the executive branch.
Biden has also a history of being pretty pro-copyright, so that would actually skew it the other way.
I think it has more to do with the courts (especially specific judges) getting sick of the RIAA.
It's libertarian (Score:5, Insightful)
I think the problem here is poor definition of "left" vs. "right."
Ask a question pertaining to abortion, and most of the answers here are "anything goes," which sounds left-wing. Ask a question about the economy, and the answers are more "government isn't your sugar daddy," which sounds right-wing.
I think the most common /. viewpoint is best described as "libertarian," which can be summed up as "leave us alone and don't tell us what to do."
Parent
Re:It's libertarian (Score:5, Insightful)
I think the problem here is poor definition of "left" vs. "right." Ask a question pertaining to abortion, and most of the answers here are "anything goes," which sounds left-wing. Ask a question about the economy, and the answers are more "government isn't your sugar daddy," which sounds right-wing. I think the most common /. viewpoint is best described as "libertarian," which can be summed up as "leave us alone and don't tell us what to do."
I think any attempt to distill a prevailing political orientation on Slashdot is doomed to failure. There is, in truth, a great deal of diversity here.
The only common thread is that each of us is right.
Parent
Re:NewYorkCountryLawyer - precedent??? (Score:4, Informative)
I defer to the expertise of an attorney, but unless this was a ruling by a court of appeals or above, there is no precedent set. Trial courts render judgments which can be referenced in litigation, but not cited as "precedent" on other legal cases... is this not correct? Please correct me if I'm wrong.
It's a precedent. It's not 'controlling' or 'binding' but it's a precedent.
Parent
Re:Chronicle of Higher Education (Score:5, Informative)
Parent