backtop


Print 60 comment(s) - last by khaydin.. on May 24 at 12:47 PM


  (Source: Kevin Pezzi)
Lack of technical knowledge plagued the court for years, allowing the RIAA to victimize citizens

Judge Harold Baker, a judge at the Central District Court of Illinois, has ruled that an internet protocol address does not necessarily mean a specific person, and thus can not be treated as such in a criminal or civil investigation.

I. IP Doth Not a Person Make

Technology professionals have long understood that IP addresses are closer to a zip code than a social security number.  Multiple people locally accessing or remotely funneling through a specific hotspot can share IP addresses.  In short, IP address offers little clue to a users' true identity.

Yet for years the Recording Industry Association of America (RIAA), along with its international peers, has been victimizing individuals into out of court settlements, because their IP address was found to be sharing copyrighted materials.  Some of these individuals didn't even have access to a computer, and in at least one case, the target of the RIAA complaint was a recently deceased elderly individual.

In court, the U.S. largely upheld IP logs as evidence in trials such as the cases against Jammie Thomas-Rassert and Joel Tenenbaum.

And recently, the U.S. Federal Bureau of Investigations (FBI) and its sister agencies have been conducting raids on suspected child pornography viewers based solely on IP logs -- with minimal background research.  In many cases these raids were later discovered to be case of mistaken identity -- but that discovery came too late for brutalized homeowners.

II.  The VPR Internationale Case

Judge Baker ruled against a Canadian adult film distributor in the case VPR Internationale v. Does 1-1017.  In the case, VPR Internationale sought court authorization to demand customer data from internet service providers.  

It had collected logs of IP addresses of users' illegally sharing its materials via bittorrent.  By obtaining the subscriber information associated with the specific account, it hoped to coerce the subscriber into a settlement ranging from hundreds of dollars to a few thousand dollars.  As there was 100,000 IPs implicated in its request, the company stood to make a multi-million dollar profit from the settlements.

But as it turns out Judge Baker rejected the request, pointing out that multiple users could share an IP and requesting information would violate the subscriber's privacy rights.  He said the court was not in the business of authorizing a "fishing expedition" at the consumers' expense.

In the ruling [Scribd], he writes, "Orin Kerr, a professor at George Washington University Law School, noted that whether you’re guilty or not, you look like a suspect. Could expedited discovery be used to wrest quick settlements, even from people who have done nothing wrong? .. [T]he embarrassment of public exposure might be too great, the legal system too daunting and expensive, for some to ask whether the plaintiff VPR has competent evidence to prove its case."

III. The Road Ahead

The issue of IP addresses as evidence has hardly been laid to rest, though the practice was dealt a major blow by the ruling.

Generally, only higher courts will rule against an existing precedent in the U.S.  So the question becomes when and if a higher court takes this issue up, will they come to the same conclusions?

The public in the U.S. will have to wait to see whether future justice follows the same logical, well-informed perspective of Judge Harold.

In the meantime, the ruling should prove tremendously valuable to those looking to defend themselves against the RIAA or other threatening parties.  Texas lawyer Robert Cashman, who has represented several individuals in scuffles regarding IP-related copyright claims, blogs, "We may have just seen the order that may end all future John Doe lawsuits."

Recent legal decisions have also cast doubt on entertainment industry organizations' claims that "making available" equated to file-sharing.
       



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Logic 101
By ShammGod126 on 5/4/2011 3:44:36 PM , Rating: 5
Whatever she's teaching... I'm listening.




RE: Logic 101
By callmeroy on 5/4/2011 3:58:11 PM , Rating: 2
You and me both...


RE: Logic 101
By euler007 on 5/4/2011 4:23:39 PM , Rating: 2
Anyone knows who she is?


RE: Logic 101
By Smilin on 5/4/11, Rating: -1
RE: Logic 101
By snakeInTheGrass on 5/4/2011 10:17:21 PM , Rating: 2
That's a vid-cap from the porn movie 'Head in the Class', so you're totally off base Smilin.

And there's a lot (lot!) of porn that has women that don't look as good as the one in the picture. Or so I heard.


RE: Logic 101
By AnnihilatorX on 5/5/2011 5:53:35 AM , Rating: 2
How you would pick that out astounds me

Well any women in promotional pictures of porn movies always look good thanks to photoshopping.


RE: Logic 101
By Mitch101 on 5/5/2011 11:33:02 AM , Rating: 3
Viv Thomas no photoshop necessary


RE: Logic 101
By deeznuts on 5/5/2011 2:33:40 PM , Rating: 2
Kayden Kross.


RE: Logic 101
By jajig on 5/9/2011 8:05:19 PM , Rating: 2
Now I know she has fake boobs the attraction is gone :(


RE: Logic 101
By callmeroy on 5/9/2011 11:37:04 AM , Rating: 1
Hmm...funny the only person going off on a tangient about the cute girl in the pic is you...yet we are "geeks" who don't see enough girls.

I'm perfectly secure with both my manhood and the women in my life, sorry to spoil your little attempt to throw your insecurities on someone else.


RE: Logic 101
By EricMartello on 5/4/2011 5:15:17 PM , Rating: 5
She's teaching an elective course entitled:

"Your Life as a Virgin and Why You'll Never Bone a Girl Like Me"

Appropriate for most of the DT readership.


RE: Logic 101
By ShammGod126 on 5/4/2011 7:33:49 PM , Rating: 4
I don't know what you guys are talking about. I just really want to learn some Logic... sheesh


RE: Logic 101
By snakeInTheGrass on 5/4/2011 10:18:07 PM , Rating: 3
That's the name of her logic class. :)


RE: Logic 101
By wushuktl on 5/5/2011 6:41:51 AM , Rating: 2
haha oooooo buh-zing!


RE: Logic 101
By callmeroy on 5/9/2011 11:39:30 AM , Rating: 2
So you've seen most of DT readers in real life for this assumption?


RE: Logic 101
By rs2 on 5/4/2011 9:01:22 PM , Rating: 1
Meh. Too blonde and too much makeup for me.


RE: Logic 101
By eldakka on 5/5/2011 2:38:09 AM , Rating: 3
quote:
I'm listening.


I'm not listening. I'm being bad. And should be punished.


RE: Logic 101
By SlyNine on 5/5/2011 5:26:44 PM , Rating: 2
Did you just say that in a Jerry Lewis voice?


RE: Logic 101
By Spookster on 5/5/2011 6:34:02 PM , Rating: 2
No it was a Gilbert Godfried voice.


Good
By RjBass on 5/4/2011 3:39:15 PM , Rating: 2
I have always feared that some 15 year old hacker would break into my wireless network and start downloading illegal material. I change my wireless pass codes every month, and use IPCOP as my router and only allow authorized mac address access to my network. But even with all that, a determined hacker could still get in. This ruling is fantastic news.




RE: Good
By Taft12 on 5/4/11, Rating: -1
RE: Good
By lightfoot on 5/4/2011 5:19:39 PM , Rating: 5
quote:
Only in the US can you feel fear even though you haven't committed a crime!

Only?? You're kidding right?

In most of the world people live in fear even though they haven't committed a crime. Very few countries have as much freedom and have as good rule of law as the United States. Yes, there may be corruption in the U.S. and yes, we may have law enforcement agencies and other organizations that overstep their bounds, but I assure you that our system is far, far better than most other nations in the world.

For example, try living in any one of the following countries without living in fear even though you haven't committed a crime:
China (massive corruption, lacking human rights)
India (massive corruption, rampant poverty)
Most of Africa (little or no rule of law)
Russia (massive corruption)
Mexico (corruption and rampant lawlessness)
Most middle eastern nations (religious persecution)

I would say that only in the US, Canada, Japan and a handful of Western European nations can you live without fear when you haven't committed a crime. The U.S. is the exception, not the rule; and it's definitely for the better.


RE: Good
By UnauthorisedAccess on 5/4/2011 7:01:05 PM , Rating: 4
Add Australia to that list of fearless countries. Though my personal opinion is that it's skewed too far away from the law makers as it appears that the courts prefer handing out warnings and are fearful of being harsh on minorities (be they social, religious, economic or racial)...but she'll be right, we're all mates in the end :D


RE: Good
By priusone on 5/5/2011 2:10:50 AM , Rating: 2
During a sweap, we found a bunch of liquor in some muslims house. He fell to his knees and begged us not to tell anyone. All we cared about was making sure that A) He had personal protection to keep him safe from fellow piece loving (boom) muslims, and B) He wasn't out to blow up his fellow arab neighbors (which the majority of ied's tend to do).


RE: Good
By Springfield45 on 5/5/2011 3:59:44 AM , Rating: 4
Thank you for your service.


RE: Good
By sabbede on 5/6/2011 10:14:33 PM , Rating: 2
Ditto
And did any of you have a drink with him? Could have been the only booze for a thousand miles...
It would have been a great way to help win hearts and minds.


RE: Good
By mmatis on 5/5/2011 9:28:45 AM , Rating: 2
Keep on suckin' them pigs. Hundreds of thousands of people in the US have learned otherwise. Of course, a bunch of them are dead for having been stupid enough to point a garden hose at a pig they didn't know was there, or wave a cell phone, or...

But sure, you go ahead if that's what you believe. Don't be surprised, though, when you find out you were wrong. Dead wrong.


RE: Good
By mmatis on 5/5/2011 9:34:59 AM , Rating: 2
And you can start HERE:
http://www.injusticeeverywhere.com/

to begin understanding just what this country's "Finest" are really doing. By the way, that daily listing comes from PUBLISHED reports of police misconduct which that one individual is able to collect. Please do note that MOST police departments treat misconduct as a personnel matter which is not subject to disclosure. And that they ALSO investigate themselves unless forced to allow an outside investigation. There's a reason it's called the Blue Wall. And it ain't because they're protecting YOU.


RE: Good
By slacker57 on 5/5/2011 4:56:44 PM , Rating: 2
Hey, look! There goes the point. Aw, too late, you missed it...


RE: Good
By sabbede on 5/6/2011 10:19:45 PM , Rating: 2
No, start here:
http://freedomhouse.org/template.cfm?page=363&year...
And learn the difference between isolated incidents of bad conduct and systemic oppression.


RE: Good
By Reclaimer77 on 5/9/2011 2:22:08 AM , Rating: 2
quote:
In most of the world people live in fear even though they haven't committed a crime. Very few countries have as much freedom and have as good rule of law as the United States.


Freedom is NOT the natural state of man. He needs to study history and understand why the United States was so unique in it's creation.


RE: Good
By rcc on 5/4/2011 5:44:20 PM , Rating: 2
File yourself under clueless and confused.


RE: Good
By IvanAndreevich on 5/4/2011 5:12:15 PM , Rating: 2
Not if you use good encryption and a strong password, unless that determined hacker gets a trojan onto your computer first - then wireless will be the least of your worries.


Nomenclature
By saf227 on 5/4/2011 5:44:34 PM , Rating: 2
I think you mean the title to read:
IP Address <> Specific Person




RE: Nomenclature
By Akrovah on 5/4/2011 6:59:11 PM , Rating: 5
Depends on the language. != is the C/C++, C#, and Java nomenclature for "not equal"

I have only seen <> in Visual Basic.


RE: Nomenclature
By Fritzr on 5/4/2011 7:35:50 PM , Rating: 2
Basic (all dialects)
Perl
All assemblers that I have used
Standard mathematical notation.

<> is the standard notation
! represents the NOT operator in C so NOT EQ is written !=
This has been picked up in other programming languages, but is only used where ! is used as the NOT operator.
Many languages substitute NE for the <> operator.


RE: Nomenclature
By StuckMojo on 5/5/2011 1:44:28 AM , Rating: 2
Standard SQL uses <>


RE: Nomenclature
By Integral9 on 5/5/11, Rating: 0
RE: Nomenclature
By Solandri on 5/5/2011 2:24:37 AM , Rating: 2
quote:
Standard mathematical notation.

<> is the standard notation

Standard mathematical notation is ? (assuming the character mapping works on this site).

But yeah, I've used !=, <>, written =/= on sites which can't display ?. I prefer != because it looks vaguely like ? and is rather distinct. <> is easy to mistake for (), c>, or even O depending on the font.

Also, the logic for <> is that since >= means "greater than or equal to" and >= means "less than or equal to", then <> should mean "less than or greater than", which for numbers is the same thing as "not equal to". But the logic doesn't work for non-numbers. e.g. "IP address is less than or greater than Specific Person" makes no sense. But "IP address is not equal to Specific Person" makes perfect sense.


RE: Nomenclature
By JediJeb on 5/5/2011 12:42:42 PM , Rating: 2
In the old macro language I have to use at work to program our instrumentation in the lab, ! is used to denote Remark so if ! is used anything following is meaningless.


RE: Nomenclature
By Fritzr on 5/8/2011 10:38:07 AM , Rating: 2
Grade school algebra
1<2, 3>2, 1<>3

The last operator means literally greater than OR less than.

The ? operator is one that I have never seen used as an NE operator, it is usually found as an operator in an IF statement meaning choose an option from the following list based on the condition.

Like the other arithmetic operators, the less than & greater than operators have been loaded with other usages.

The meaning of less than and greater than has been extended by assuming they mean later/earlier, larger/smaller, faster/slower...all of which translate to less or greater as a measurement.

So A before B in the alphabet gives A<B. C follows B in the alphabet so C>B. A is not C so A<>C. By assigning code numbers that have the same order as the alphabet computers can use these operators on the byte code representing the letters even if they cannot compare strings.

For those that can compare strings the shorter string is LESS THAN the longer string and if length is the same then the first mismatched char will be earlier or later than it's counterpart in the other string using the coding system for the char set.

? may be used in formal mathematics to disambiguate the <> operator, however in day to day usage it is used to mean what/why/where/when ... in other words to represent a question.

As far as your not being able to tell <>, () {}, [] and the other bracket chars apart, that is going to be a major problem for you if you decide to learn Perl where a(), a{}, a<> and a[] are all valid with different meanings :D


RE: Nomenclature
By sabbede on 5/6/2011 10:23:12 PM , Rating: 2
!= is used in many scripting languages. Even STATA uses ! as not and != as not equal.
I like to use it in inappropriate locations where it will likely serve only to confuse.


IPv6
By MozeeToby on 5/4/2011 3:36:16 PM , Rating: 1
Hey, at least now there will be some industry, government, and lobbyist support for implementing IPv6 nationwide. I'm sure law enforcement, the RIAA, and the MPAA will be more than happy to push for everyone getting their 65536 statically allocated to them. Not that such a solution will be unspoofable, but it'll create enough confusion to let them go through all of this all over again.

But hey, at least the consumers will get IPv6 implemented out of the deal. Better than we usually come out when lobbyists get involved, which is all negatives and no positives at all.




RE: IPv6
By ClownPuncher on 5/4/2011 3:50:10 PM , Rating: 2
This just means we will have a couple years of relative calm until the **AA's get to go gangbusters all over again.


RE: IPv6
By Gzus666 on 5/4/2011 3:58:05 PM , Rating: 2
There is already support to implement IPv6 nationwide, we are running out of IPv4 addresses. They ran out a month ago I believe and all that is left is what the carriers are willing to part with. I work for a carrier and I am going to have to implement IPv6 shortly. IPv4 won't be gone for a long time though, I expect dual stack for a considerable time period.


RE: IPv6
By Taft12 on 5/4/2011 4:16:02 PM , Rating: 1
You work for a carrier that still hasn't implemented IPv6? Your employer should have been ready to deploy at a moments notice YEARS ago!


RE: IPv6
By Gzus666 on 5/4/2011 4:21:47 PM , Rating: 5
Not really, We aren't gigantic and no one has asked for it. They are primarily Telco and are getting into the IP more heavily, especially since everything is going SIP now a days. I was just hired recently for that very reason :)

Christ, Cisco just implemented IPv6 very recently and they make the damn equipment, ha.


Did someone say, "Appeal"?
By Integral9 on 5/5/2011 8:32:42 AM , Rating: 2
So with this precedent set, doesn't this open the door up for a huge class action lawsuit against the MPAA / RIAA for all the lawsuits they attacked people with based on the IP address alone?




MAC addresses
By RedemptionAD on 5/9/2011 8:08:02 AM , Rating: 2
An ip address would be a zip code and a MAC address would be more like a telephone number, although both can be spoofed and a NIC/ Wireless card can be changed. Or proxy through another persons stuff and forward it after. There are a million ways to workaround the ip/MAC address/other methods of nailing down an exact person. It makes me wonder if these hackers are so smart, why don't they use these other methods? Security and useability are in opposition of one another. A perfectly secure system is perfectly unuseable.




War, what is it good for?
By 90014 on 5/10/2011 12:55:04 AM , Rating: 2
Stop the War on Drugs, the War on Terror and start the war on lobbyists and bankers.




By khaydin on 5/24/2011 12:42:22 PM , Rating: 2
An IP address should not be submissable in court as evidence in certain cases. Most of the accused people are probably receiving their IP address from a DHCP server. DHCP addresses change every so often. Hell, the power at your house could go out and when it comes back on you could get a new IP Address. If you release/renew the address from your computer/router you could get a new IP address. Unless the ISP keeps a record of what IP address a specific account had in a specific time range OR the customer had a static IP, an IP address is completely useless as evidence. Maybe if they could get your MAC address and compare it to your computer(s)/router, but there's still the problem of who did it if there are multiple users of that single computer/router. I would love to see the time frame of when they discover the IP address and when they actually take some kind of action against these people. I'm sure it's several months - more than enough time for their IP address to change again.

It just sucks that the RIAA is preying on people who have no clue about computers, and even worse the judges/jury probably don't know enough about networking to even fairly deliver a verdict. It sounds like from the article above that people who were innocent were pinched because the court system didn't understand that an IP address can change frequently.




More like a phone number than a zip code
By Beenthere on 5/4/11, Rating: -1
RE: More like a phone number than a zip code
By Gzus666 on 5/4/2011 4:29:47 PM , Rating: 5
No it isn't. To deal with the looming IP shortage of IPv4 and the Internet boom, they developed NAT. This translates one public IP at the gateway into tons of computers on the LAN. You can have wireless or wired devices on this LAN and no one on the outside has any idea the difference. You could run hundreds of computers out of your one IP address and no one would know which one did what based purely on the IP.

It is a good start with IP, you can trace it back to a gateway, but it doesn't trace it back to a specific device or person.


RE: More like a phone number than a zip code
By Fritzr on 5/4/2011 7:51:42 PM , Rating: 2
To explain the reasoning of the judge.
Assume the IP connects to a single modem attached to a single computer. Who was sitting in front of the computer? This is the case that the lawyers claim for all IP addresses while claiming that only the named subscriber has access to the computer.

The reality is that a router is connected to the modem and the house across the street and neighbors in 2 or 3 houses to either side can use the router. All of those will share the same IP address. A router in an apartment building has a much larger number of potential users. So which of 5+ physical addresses each housing multiple people belongs to the IP address? The lawyers argue that the subscriber is legally responsible for the actions of the neighbors. This judge says that the person committing the crime is responsible and would the lawyers please ID the individual and then try again.

The reality of the IP equivalent to phone number is correct, but today those phone numbers are still tied to the payphone in the apartment building lobby.

IPV6 will not solve this problem. Wireless routers will continue to firewall the connection concealing the number and identity of connections behind that firewall.

Even if the machine IP is statically allocated and identified. Who owns the computer and where is it physically located? A war driver for example need only to assign themselves an IP address on the private LAN when they log in to it. This applies to both unsecured and secured with broken password.

The current wireless password systems can be broken by a laptop in less than an hour so while securing your router is good, it will not stop those that take the time to learn how to break in.


RE: More like a phone number than a zip code
By Gzus666 on 5/4/2011 10:46:44 PM , Rating: 2
Probably don't need to explain basic networking to the network engineer, but OK.

You are incorrect, IPv6 allows everyone to have a real IP without NAT (it is NATing that conceals, not firewalling). In fact, with IPv4, every device was intended to have its own public IP until the boom. When they instituted NAT, they carved out private IP space and reserved it for that purpose.

Now, the reality is you can still use NAT with IPv6 and I'm unsure whether the residential ISPs will be implementing NAT or not. They might not since we have so many addresses and it would be easier for them to just set a static IP for you. Not to mention the usual pitfalls of NAT.

I agree with the judge though, you cannot verify the person using the IP.


RE: More like a phone number than a zip code
By eldakka on 5/5/2011 2:45:20 AM , Rating: 2
quote:
IPv6 allows everyone to have a real IP without NAT


There are other reasons for NATing. Such as security. Preventing those outside your network from obtaining your internal network topology, number of devices and so on.

It is essentially irrelevant whether or not ISPs do NATing of IPv6. When the internet moves fully to IPv6, whether or not ISPs do NATing, many organisations will continue to NAT for security purposes. I know I will.


RE: More like a phone number than a zip code
By Gzus666 on 5/5/2011 1:10:35 PM , Rating: 2
Yea, exactly like I said. You don't have to explain networking to me, especially when I addressed what you said. I clearly pointed out that the residential ISPs will likely do it that way, enterprise has their own CPE and admins, so they can do what they wish. There are benefits to not using NAT, especially in the SIP world, so you have to weigh the pros and cons as an organization obviously.

Clearly the concern of the article is home users.


By Azethoth on 5/5/2011 6:25:31 PM , Rating: 2
Bottom line it for me. I need to run a naked wireless router when doing illegal internets stuff so that I can blame random other peeps?

Also, if we get rid of NAT after ipv6 would that not help track down spamming bots?


RE: More like a phone number than a zip code
By Drag0nFire on 5/5/2011 12:39:14 PM , Rating: 2
I'm just playing devil's advocate here... this is not my personal view.

But couldn't one argue that regardless of whether the activity could be directly traced to a single computer, a crime has occurred at that location that merits further legal investigation? To me, this is akin to catching a license plate of a car fleeing the scene of the robbery. I can't prove that the owner of the car is the culprit, but I'm also never going to be able to catch the culprit without following that lead.


By khaydin on 5/24/2011 12:47:01 PM , Rating: 2
But how do you know it happened at that location? IP addresses can change. Here's a scenario:

Person 1 downloads movie.
RIAA finds out, records IP Address.
Person 1's IP Address changes due to being dynamic.
Person 2 get's Person 1's old IP Address.
RIAA goes after Person 2 when they should be going after Person 1.


"This is from the DailyTech.com. It's a science website." -- Rush Limbaugh














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki