The content industry is stepping up efforts to root out piracy on college networks, and a new report shows exactly how.
As it turns out, the actual methods used to detect pirates aren’t very sophisticated. The RIAA gives a list of files to watch for to its hired watchdog Media Sentry, who then searches for infringing materials on common peer-to-peer networks, such as Limewire. Media Sentry sometimes runs the same client as most of the networks’ users, using the network client’s built-in facilities to harvest users’ IP addresses and browse their shares.
As reported earlier this month, a number of universities reported a tenfold increase in the quantity of DMCA copyright notices they received. At the time, the only thing that college administrators and observers could do was guess as to the RIAA and MPAA’s motives, as content industry spokespersons remained silent.
Since then, RIAA president Cary Sherman broke the silence last week in an interview with Inside Higher Ed, attributing the increase to a “phenomenal jump” in Media Sentry’s computing efficiency.
“It’s the same procedures, the same standards, the same list of copyrighted works that we’re using,” said Sherman. “The Internet is a huge place, and there are millions of people connected to it … The amount of resources you put into sending out requests for specific files makes a difference; the more requests you make, the more you’re going to find.”
“We don’t think there’s any more infringement going on,” Sherman added. “We just think there’s more detection of infringement.”
Published Tuesday, The Chronicle of Higher Education detailed an invitation it received to personally observe the enforcers at Media Sentry in action: an RIAA representative (who wishes to remain anonymous due to concerns over hate mail) demonstrated the firm’s methods for searching for infringing files over Limewire. The actual methods are now considerably automated, matching Sherman’s previous statements: Media Sentry searches for songs in its list with a script, which returns a list of results. With results in hand, the script harvests each entry’s IP address and confirms the authenticity of the file in question, then proceeds to search that user’s shared folder for more.
It’s important to note that in most cases, Media Sentry investigators “do not usually download suspect music files.” Instead, they will try to hash the file remotely; if a hash comparison fails, investigators will download the file and attempt to verify its contents using Audible Magic, a program that specializes in recognizing an audio file’s sonic characteristics. Investigator will only hear a file in only two cases: if the fails both the preceding checks, or if he or she is gathering evidence for litigation.
Regarding the letters themselves, the RIAA says that a full-time RIAA employee reviews each pre-litigation letter for legitimacy, as well as to confirm that the targets lives in the United States.
Despite the necessary human review, however, the RIAA’s search-and-identify process is still largely automated, and it can tag hundreds of users a day.
While the RIAA admits that it has shifted its focus to universities in general, it says doesn’t single out particular schools, contrary to the claims of a number of university network administrators. Further, the RIAA only uses the automated process it demonstrated to the Chronicle against universities -- the automated takedown program is “solely university-focused,” said the unnamed RIAA representative. “We're trying to make universities aware that they have an issue with peer-to-peer file sharing on their network, and so we don't send automated notices to commercial ISP's, I think because they are generally aware that there's a problem.
“We have no capability of targeting any school at all … technically we can't do it. We find what we find with this process, and that's what we send to schools.”
RIAA representative Cara Duckworth acknowledged the process has its shortcomings: investigators have no way of knowing if someone else actually downloaded a song, and its process is only effective against targeting users that offer a particular file for download.
Investigators don’t seem to be phased by recent changes in legal precedent. With Atlantic v. Howell’s determination that making a file available for download does not infringe a copyright owner’s distribution rights, it is unclear if and how the RIAA’s investigation techniques have changed.
quote: Universities rarely ever limit or enforce any traffic monitoring or traffic shaping in their networks.
quote: Exactly. I worked for IST at the University of Waterloo
quote: I could quite frankly care less