IFPI Turning To Lawsuits

Sherman's doppleganger writes "The IFPI (the "European RIAA") has made a lot of noise about filtering this year, but it looks as though 2008 is instead becoming the year of the lawsuit. The IFPI has now sued an Irish ISP in an attempt to keep copyrighted content off of its network. 'The lawsuit accuses Eircom of abetting illegal downloading by allowing copyrighted material to traverse its network unimpeded. The IFPI... wants the ISP to start filtering traffic to scrub all illicitly uploaded and downloaded copyrighted material on its network.' The lawsuit comes less than a week after an Israeli court forced the nation's three biggest ISPs to block access to HttpShare.com."

"Turning" to Lawsuits? Come Now

[eldavojohn]

IFPI Turning To Lawsuits

To say the IFPI is turning to lawsuits is like saying Bob Dylan is turning to drugs. It's an organization of lawyers! What else do they do?!

I recall them dishing out 2100 lawsuits at once in 2005 [arstechnica.com] and 8000 lawsuits at once in 2006 [arstechnica.com]! And evidence that it's been going on since 2004 [mit.edu].

You might be able to convince me that the IFPI is getting smarter (or stupider, depending on your views) at stopping file sharing by targeting ISPs with lawsuits but to say they're only now with litigating to stop these losses is ignorant.

Re:Good

[Bryansix]

That's not what this is about. It's not about ISPs hosting copyrighted works that the person hosting doesn't own. It's about the ISP's customers downloading copyrighted works that they may or might not be authorized to.

There's a way it could be done, but impractical

[MichaelCrawford]

You'd have to compare the general sound of audio files to known audio tracks whose copyright owners don't license them for sharing.

But you can't do a bit-for-bit comparing, or a hash, because there are a lot of ways to change the precise data in a file without changing what it sounds like in a way that is noticable to the human ear.

For example, you could re-compress it to a different bit rate, or transcode it say from MP3 to Ogg Vorbis, or what have you.

I'm sure there are known algorithms that can tell if two audio tracks sound alike, despite lossy compression.

The problem is that there are a lot of tracks to compare against, and a lot of sharing files. So it would be so computationally expensive that no ISP could afford to actually implement it.

Thats IFPI, Not IRAa

[SlashWombat]

So, they didn't call it the RIAa, in Europe ... It was too close to IRA?

Seriously, the technology to filter gigabytes per second traffic looking for specific music signatures does not exist at a reasonable price point. And, as others have pointed out, simply Zipping the file would be enough to bypass any packet inspection anyway. (In fact, it would need to inspect the entire stream, because packet inspection would be insufficient!) (Let alone the variety of compression formats that currently exist.)

I would not be at all surprised that if you encode analog audio files to MP3 that each version would produce different digital streams. For digital files, the addition of several random bytes just before the stream to be encoded would produce the same result. (That is, totally different looking digital data streams.) At the very worst, the added few bytes might produce a click. (even that could be kept inaudible!)
Alternatively, multiply the data by some small factor during encoding. (EG:Data * 0.995 would be inaudible, but the resultant MP3 stream would definitely not match any SIMPLE filtering stream.

IF the RIAA were to provide the filtering hardware to each and every ISP, that might get them to install it, given that filtering does not slow down the ISPs traffic.
If the filter isn't 100% effective, and falsely terminates legitimate streams, then the RIAA [IFPI] would be liable, not the ISP. Lets see how long the RIAA would last after that!

I would say that the RIAA needs to demonstrate to the courts that 100.00000000% accurate AUTOMATED detection (especially at the data rates an ISP might have!)is possible before they can even begin to suggest the ISP is involved. I will lay money down that they cannot even demonstrate 10% reliable detection rates. (Indeed, I personally think the ISP does not have the authority or the responsibility to inspect/filter any traffic.)

Re:common carrier?

[Secrity]

ISPs and the ISP divisions of telcos in the US are not common carriers.

Re:common carrier?

[judas6000]

Ireland, as a member of the EU is granted "mere conduit" status by the EU.

COUNCIL OF EUROPEAN COMMUNITIES (2007). Council directive of 21st June 2007 on Electronic Commerce (Terrorism Act 2006). (07/1550/EEC). Section 5 Paragraphs 1 & 2 read,

"(1) A service provider is not capable of being guilty of a relevant offence in respect of anything done in the course of providing so much of an information society service as consists in--
(a) the provision of access to a communication network; or
(b) the transmission in a communication network of information provided by a recipient of the service,
if the transmission condition is satisfied.

(2) The transmission condition is that the service provider does not--
(a) initiate the transmission;
(b) select the recipient of the transmission; or
(c) select or modify the information contained in the transmission."

Therefore as long as the ISPs stick to their guns and do not filter content on their networks then they will be ok, as they are protected by law as far as terrorism goes. However it would seem that this could be deemed to apply to other offences too, or at least thats my understanding of it, I should add that IANAL, so I may have misread what the EEC were getting at when they wrote that law.

In the COUNCIL OF EUROPEAN COMMUNITIES (2000). Council directive of 9th June 2005 Financial Services and Markets Act 2000 (Financial Promotion) (2005/1529/EEC) Part IV Art 18. Paragrahs 2 & 3 read,

(2) A person acts as a mere conduit for a communication if--
(a) he communicates it in the course of an activity carried on by him, the principal purpose of which is transmitting or receiving material provided to him by others;
(b) the content of the communication is wholly devised by another person; and
(c) the nature of the service provided by him in relation to the communication is such that he does not select, modify or otherwise exercise control over its content prior to its transmission or receipt.

(3) For the purposes of paragraph (2)(c) a person does not select, modify or otherwise exercise control over the content of a communication merely by removing or having the power to remove material--
(a) which is, or is alleged to be, illegal, defamatory or in breach of copyright;
(b) in response to a request to a body which is empowered by or under any enactment to make such a request; or
(c) when otherwise required to do so by law.

This again would seem set out in law the fact that just because someone can alter the content of a communication doesn't mean they have to, and that even if they do remove content they don't have to exercise control over the content. This would pretty well seem to protect ISPs from whatever lawsuit may be brought against them by the IFPI.

Re:These people need to crawl in a hole somwhere.

[sowth]

What does raiding ships at sea have to do with this discussion?

Anyway, as far as I have seen, the organizations representing the entertainment industry have done very little to directly attack the actual copyright infringers. Even in the lawsuits the RIAA conducted, they didn't seem to put much effort into finding actual infringers or verifying in any way the person they sued had anything to do with infringement. The whole thing seemed to be "let's find some random people and sue them. Who cares if they even have a computer!"

Instead they attack anyone who creates any new internet technology which may potentially carry music or movies and try to stomp them into the ground. Now they want some new filters?

Re:I Still Don't Understand

[ScrewMaster]

Oh, I agree, I misspoke me. When I said "studio" I really meant "big bloodsucking content distribution company", ala Vivendi, Universal, etc.

"common carrier" vs. "common carrier"

[tepples]

ISPs and the ISP divisions of telcos in the US are not common carriers.

There's a difference between "common carrier" in the strict legal sense and "common carrier" in a broader practical sense. In the United States, ISPs have legal protections analogous to those of common carriers, called "OCILLA safe harbor". See 17 USC 512 [copyright.gov]. Popular use of "common carrier" to refer to the OCILLA safe harbor is little different from popular use of the term "fair use" as a blanket term for limitations on exclusive rights in a copyrighted work under 17 USC 107 through 123 [copyright.gov] and 1008 [copyright.gov], when only section 107 uses are strict "fair uses".

Re:These people need to crawl in a hole somwhere.

[theheadlessrabbit]

The former means that a relatively limited number of people share something between them...So the copyright owners are losing maybe ten potential sales

so, laws will be written to regulate friendship? will we be faced with popularity caps to prevent trading of mix tapes to an excessive number of friends.

So how about radio? if a song is broadcast on the radio, and people can hear it for free, then record lables are losing hundreds of thousands of sales each time a song is played. you would think they would have regulated that, made the radio companies pay millions in royalties. Instead, the law adapted to fit new technology.

Today, the law has failed to adapt to new technology (p2p) and instead, its forcing new technology to adapt to fit the law. this is not a healthy situation, or a battle than can be won through laws as they are today.

Aren't they basically saying "yeah, we're doing something illegal, but we don't think it should be illegal

I want you to look up 2 things:

1. how many people are involved in filesharing. (US only)
2. how many people voted for the current administration

If more people support the activity, why is it illegal?

please note: I am not trying to ridicule your position, I strongly oppose organized piracy and distribution of illegal goods.

But I see a big distinction between commercial distribution, and non-comercial distribution.

I'm an artist myself. When someone takes a picture of my work and gives it to a friend, i'm flattered and pleased that they are distributing my material. but if they were to sell that image, then I would have a problem with that. they are directly profitting off of my labour.

Re:httpshare.com?

[stevo3232]

Makes you wonder why rapidshare didn't implement this

While it is by no means a complete index, http://rapidsearch.yi.org/ [yi.org] combined with http://warez-bb.org/ [warez-bb.org] allow you to find most of what you could possibly be looking for on rapidshare.

Re:Comply!

[gmack]

the police are people, too. if you are kind, pleasent, honest, and up front with them, they tend to not be dicks.

I completely agree with you. I just find that being human some topics make people go completely off the wall. I agree that every child porn creator should be nailed harshly but I find that the search for them tends to be in the witch hunt category.

I think I will check my wifi activity more often. but because most of my neighbours are really freaken old, i don't think i have to worry about that.

I was actually shocked when I discovered that.. there were no houses around just an industrial park. I think it was actually a war driver since every other office in range used the same shared connection. The main lesson I learned was that remote locations don't guarantee security

As for the rest.. I suppose you could put in a transparent proxy that restricts outgoing mail and an ICMP filter. Be careful to allow ICMP messages dealing with fragmentation so that things till work correctly. (Blocking all ICMP is an unfortunately common mistake)

It means kicking your NAT functions off of the wireless gateway but then I find that speeds things up anyways

Re:So all traffic should be banned

[Kjella]

Unfortunately the distinction between permitted and not permitted is meaningless, as is the distinction between copyrighted and public domain. The ISPs see bits and bytes, but these are not properties of bits and bytes. The exact same transfer that's illegal today will be legal in life+70 (barring more Mickey Mouse acts), bit by bit. That means the only possible way for ISPs to tell an illegal download from a legal download is to keep a database over all possible illegal downloads, which works for a plain unencrypted transfer. However, as anyone that's worked with SSL knows it negotiates a random session key so there's an arbitrarily large number of streams of bits and bytes that transfer the same data. Once we arrive at this stage the ISP is basicly checkmated, there's nothing it can do.

What they are trying to do is to use the non-authenticated, plaintext nature of the negotiation phase as it is today to determine whether it's illegal or not. Creating an HTTPS version of torrents/trackers that doesn't leak anything to the ISP would be fairly trivial, so would adding authentication if the ISP tried its own SSL connection. At that point, the ISP is quite frankly guessing. They know you connected to TPB, but not what you searched for, what torrent you're getting and if it happens to be a legal download (many torrent aggregators just pick up everything) and you talk SSL to all your peers. There's no possible theoretical or practical way they can tell the difference between you downloading Ubuntu 7.10 (700MB) or a illegal DVD rip (700MB) over a torrent, the traffic patterns would be exactly the same.

To take a practical example where this is already all encrypted, I can connect via NNTPS to my news server. How the hell is my ISP supposed to know what I'm doing? They haven't got the faintest possibility to know anything at all. Of course in this case there's a server at the other end they could go after instead, but in a P2P network it's simply impossible. P.S. For anyone trying to make the lame pun about "The first rule about Usenet..." it's near 30 years old, and everyone that cares to know already knows about it. The only possible way an ISP could prevent copyrighted works from going over their networks is to turn off the lights.

Re:common carrier?

[Anonymous Coward]

Digital Rights Ireland has a post up discussing this case:
http://www.digitalrights.ie/2008/03/11/irma-v-eircom-why-isp-filtering-for-the-music-industry-is-a-bad-idea/ [digitalrights.ie]

Excerpt:

"You might have noticed that the big music firms are suing Eircom, demanding that it put in place a system for monitoring peer to peer filesharing and blocking transfers of their music. We think that this is a bad idea. Here's why.

Intermediaries, not police

Internet Service Providers (ISPs) are intermediaries. They are not, in law, responsible for what internet users do, any more than An Post is responsible for what individuals send in the mail. In fact, European law specifically states that they may not be put under a general obligation to monitor the information they transmit. This action undermines this principle and threatens the privacy of internet users - in much the same way as if An Post had to open and examine the contents of every letter they carry. Here's what the ISPAI had to say about this:

The Association is totally opposed to any obligation (such as that apparently in this Belgian court decision) that ISPs should monitor all of their customers' Internet communications on the off-chance that someone may be distributing copyrighted work which they do not have permission to use. (How is an ISP, or any other third party, to know whether a communication is copyrighted, who owns the copyright or whether permission has or has not been granted?)

The privacy of all personal and business communications is at stake here. This is the electronic equivalent of the post-office steaming open every letter in the sorting office, checking the contents and never delivering the bits some unknown worker believes should be censored. If legislation forced ISPs to monitor, never mind the democratic or moral issues, in practice everyone would immediatly switch to encryption rendering any such monitoring useless, the monitoring process itself would slow the Internet to an unusable snail's pace.

Privacy

This technology will result in ISPs being obliged to monitor everything internet users do - in effect, acting as private censors for all users without any warrant or even mere suspicion that a particular user is doing something wrong. If the music industry has evidence that a particular person is sharing copyrighted files then they can and already do take action against that person. If they do not have that evidence then they should not be demanding that ISPs monitor innocent users."

Re:So all traffic should be banned

[Anonymous Coward]

Not only that but any filtering/blocking on Eircoms network would also have an effect on near all the other ISP's. Eircom owns the backbone, and most of the other ISP's are resellers of Eircoms wholesale products or use their network one way or the other.

It doesn't help that the current minister for communications is a clueless idiot, and the current government is one of the most corrupt in a long while. This could get interesting.