OK, hosting music is not a crime. It’s OK to host music for your own personal use, and download what you already own. The crime they go after is illegal distribution, in this case, uploading. It’s the same as if you made a copy for a friend. Copying the CD (in our analogy, hosting) isn’t a crime, but giving it away (uploading) is.
Data is probably still recoverable from the drive via pricey clean room shops, costs about $2K.
What does it matter if she was there or not? If I understand things correctly, they are accusing her of making the music available to others. She doesn’t have to be present at a particular time for that.
One way is that suppose I am on a school network. I open up a folder and put some music in it and make it available to everyone on the network. As long as my computer is turned on others can see my music and download it. She may not have even known she was doing this. Is this not illegal? Students at my university were threatened for doing this exact same thing a few years ago.
You are right that she could have paid 2-3K to have the data recovered. However, she has no money and I was not about to pay that much so she could have her music and pictures back. The thing was ditched, and as mentioned it all happened around a week or so before the date of the letter. And I am sure that can be verified by the IT department, or at the very least, the fact that a new hard drive was ordered from Dell should well be proof enough, given it was before the letter was ever produced. So now, it seems to me, she can say “I never had Gneutella/Limewire on my computer, the MP3’s were all part of CD’s I purchased, and I have no idea how you or the school screwed up, by they certainly did.” And one more thing, they give a short list of about 8 songs with the letter demanding payment, and my daughter swears she has never had interest in two or three of the artists named and there is no way it could be on her computer. She also states that she did not have Limewire, but if she did, there is no way it would be up and running when she was out of town, and if she did, she would have disabled uploads. It honestly sounds to me like they messed up.
The downloader in these cases is a contractor that has permission from the copyright holder.
Also, it’s unclear whether downloading is illegal. If you buy a CD and make MP3s for playing on your Ipod, that’s recognizable fair use. What if you prefer to download the MP3s rather than rip/encode yourself? What if your CD was scratched and you want to make a backup copy? They avoid these questions by not suing people for downloading. There are arguments for uploading as fair-use but the people technically inclined enough to be employing them should have the knowhow to secure a household intranet jukebox file share (for example) from the outside network… so that’s a bit of a double edged sword.
Keep in mind that a lot of P2P programs upload fragments automagically while you’re downloading… so don’t think you can just download willy-nilly and unshare the files after they finish and be in the clear.
When bits are coming out of your machine, you’re uploading. When bits are coming into your machine, you’re downloading. When the bits are sitting on your machine as part of a network share, you’re hosting.
When a user requests a download and the host authorizes it, you’ve begun uploading. Arguably, the downloader could have a fair use right to the works you’re uploading, but you have no authority to supply the works unless you own the copyrights or have been granted license by the rights holders.
Jurph’s example illustrates the idea, somewhat. It doesn’t matter if the downloaders have a legitimate claim to the content, unless you’ve been granted a license to publish from the relevant rights holders, you have no authority to upload (i.e. publish) copyrighted works.
I see that reports on the pre-lawsuit extortion letters are filtering into the mainstream media over the past few days.
So, dauerbach, what’s the status?
Wanted to see if anything had happened after I saw this.
If you are going to seek out a lawyer, you might as well get one with some experience in dealing with the RIAA.
Interesting, I heard about the same case (Spice Girls etc) on the BBC World Service last night - but they did not say she paid up. IIRC they were going for a lawyer - and the father said he did not have $3000 going spare.
I’m sure there is a strong case for unauthorized disclosure of personal information to unauthorized third parties.
Right now, I have been gathering information. Today, I will talk to the Dean of Students at her school, the guy who forwarded the letter to her the day exams started. Then I will talk to the IT people, and find out how long they archive their DHCP assignments. The norm seems 30 days, the date/time stamp on their “evidence” is dated 0400 on 2/16/07 so it seems very possible that she had the current IP address sent in by the RIAA but no way to show who had it on that date. Next, she can easily prove that she was 120 miles away at the time. Last, I need to talk to their tech people and see if they have any record of her bringing in her computer 10 days before the letter was written, when they diagnosed a totally dead hard drive, or will just have to rely on the order for the new hard drive from Dell. I will keep you posted.
So I learned today that the school did have a record of the IP address mentioned in the letter which corresponded to my daughter’s MAC address as a block of time that included the time the information was gathered by the RIAA. The head of IT emphasized several times that this information is gathered and kept for system troubleshooting, not for the purposes used by the RIAA and does not prove that her machine was connected at that time. I am not really sure I understand why that is so. It seems like it would. Can anyone explain this to me?
I also have a document by one of the professors that states that she was three hours away with 24 other team members from the day before to two days after the RIAA collected the information. It seems to me that this is absolute proof she was not in control of the computer at that time, and that she can simply claim she has no idea who might have using her computer then.
DHCP leasing, probably. Clients are identified by MAC address and assigned an IP address for some amount of time at which point it may be renewed (if still in use) or reallocated (if unused for some amount of time).
See if you can get the allocation logs as relevant to your daughter’s MAC address and the IP address the RIAA is interested in. Just for the events close to the dates in question.
See if they have WIFI access and how they authenticate. It could be as simple as snort and MAC spoofing for someone else to have network access (by pretending to be your daughter’s computer).
I have a feeling the IT guys at the school are less than the MAFIAA’s biggest fans. It sounds like you’re planning on fighting it (yay), they may be inclined to help, unofficially of course.
It largely depends on how the school administers their network.
“Not in control of her computer” doesn’t matter. You don’t actually have to commit the crime to be liable anymore for a wide variety of offenses (that is a whole 'nother can of worms). Not able to have done it and a reasonable doubt that someone with malicious access to the network could have done it? It won’t be worth the fight.
Do you want wider publicity on this if you decide to fight?
I would stick to the first line of assault, they have no right to hand over personal information to third parties.
The next step is that they handed over false information and have libelled your daughter.
The trick is to keep the high ground, if her university think that you are going to go for them - and set a precedent - then they’ll back down and say that the guy who handed over the ‘evidence’ was acting outside his remit and is now sacked.
You have a pretty good case, the timing has probably damaged your daughter’s exam results - it could result in loss of earnings for years.
Stick it to the university - as soon as they back off the RIAA cease to have reliable evidence, and at that point you start harrassing them - I can actually see the RIAA settling out of court with all your daughter’s contemporaries - which would be highly amusing.
IANAL but I’ve made internal lawyers of large companies back off twice.
Thinking about it, you could open a second front directly with the RIAA, accusing them of libel and harrassment - chances are that they’ll cave in.
The information regarding DHCP leasing and Snort and spoofing is great. If we decide to fight it, I will definately want lots of publicity. I have not yet decided if we are going to fight it or not. As the RIAA well knows, it is a risk/benefit thing. Spending 10K to save 3K is certainly the moral high road, but maybe not the best financial pathway. I have her trying to find free legal help, given the fact she is the legally responsible party and has no income, but she has so far been unsuccessful.
Based on the questions asked by 1010011010 I asked for information, and received the following response:
I’m copying in below here a general statement of how we matched up the data – it might be helpful in your research. The logged data talked about here is from our ARP cache, that is, the logged data from the routers. For DHCP leases, we keep the data for approximately two weeks. (I think this is what you’ve found some other schools might keep for 30 days.) We have the ARP data for about 9 months, kept on hand to diagnose network problems. In some of the RIAA situations we must use ARP logs rather than the DHCP logs because more than two weeks have passed by the time we get a complaint or request.
The IP addresses are not assigned to computers; they are dynamically allocated each time a computer boots up on the network. There are many cases where someone will get the same IP over and over, and many cases where the IP changes. And of course, when the computer moves geographically, like a laptop, it will get an IP address in a completely different range.
To attend to the RIAA complaints, we correlate logged data with the RIAA report. We have logs which show that the IP address reported by the RIAA was in use by a particular MAC address during a period of time including the RIAA reported date/time.
Then we look up the MAC address, which was linked to the name of the person who registered that MAC (computer hardware address) through the Cardinal system, generally the first time the computer was put on the network in the current year.
As for the February date you’re asking about, we will have ARP data available. Is there a specific time your’e looking at? I will need to get permission from counsel to provide the data I find.
For wireless we don’t do a separate authentication. Once a student (or faculty/staff) have registered any particular computer through our Cardinal system (DHCP registration), it’s good for a year. When they get on the wireless network, behind the scenes a match is made to their MAC address and they are allowed through. Like most places, although we have many protections in place, we’re not completely immune to spoofing.
My words now: unfortunately, my daughter was hard wired in, not on a wireless network.
Any help in interpreting what I was told, and any further advice/information/ weaknesses in this system regarding the weakness of this system for RIAA purposes would be extremely helpful
Also, to 1010011010, I have a feeling that there might be further information I could give that I do not want to post publicly. If you are willing, email me.
At a trial, the RIAA would have to prove by preponderance of the evidence that your daughter was liable for the actions they are alleging.
In several discussions of this type, I see the word ‘guilty.’ That word gives rise to associations with the criminal justice system, in which the government must prove ‘beyond a reasonable doubt’ that the accused commited the criminal acts in question. Here, at a civil trial, the standard is only ‘preponderance of the evidence,’ sometimes described as a balance scale. If the evidence tips past 50% in one direction, that’s sufficient to reach a verdict.
The tech is just describing in simple terms how DHCP works and how the results are logged. And a couple implementation specific things about how and how often they authenticate. Visit the school’s website and look at the FAQs and user guides about getting network access.
It really does sound like all you’d need to do is MAC spoof to pretend to be an authenticated computer and they’d grant you network access. I’d be surprised if that’s actually the case. Ask your daughter (or have her ask her friends) what kind of hoops they have to jump through to access the general internet via school points (wired and/or wireless).
Even if she doesn’t use it, does the computer have wireless capability?
Yes, her computer definately has wireless capability, although her dorm is hard wired. I will have her ask around about how hard it is to get general internet access. I assume it is not difficult to spoof a MAC address, although personally I haven’t the slightest clue how to do it.