Fingered by the movie cops

Under today's copyright laws, you are guilty until proven innocent. I know -- it happened to me.

Aug 23, 2001 By Amita Guha

One recent Monday, my boyfriend and I returned home from a long weekend away. As usual, one of the first things we did was check our e-mail, only to discover, to our dismay, that Time-Warner Cable, our Internet service provider, had cut off access to our account sometime around midnight the Friday before. My boyfriend, a software engineer who takes his e-mail seriously, called the tech support line and was transferred to several people that evening, none of whom could help. All he could find out was that the account had been suspended for "security reasons."

The next morning, we received an express-mailed letter from Time-Warner Cable, which stated that the Motion Picture Association of America (MPAA) had accused us of distributing copyrighted material. The MPAA had determined that someone, supposedly with an Internet protocol (IP) address assigned to our computer by Time-Warner at the time, had distributed the material on July 4. The part that got me was the second paragraph: "In accordance with the Digital Millennium Copyright Act, 17 U.S.C. Section 512, (ISP name) has removed or disabled access to that material."

I can’t describe the shock I felt reading that someone in my household had been accused of breaking the law. Even worse -- we had evidently been tried, found guilty and penalized before we were even told of the accusation.

The letter went on to inform us that our account would be suspended for one week, pending assurance from my boyfriend that it wouldn’t happen again. There was no mention of what materials we had distributed.

My boyfriend called the number given in the letter. After 24 hours of phone tag, he finally spoke to a network technician, who told him the details. The MPAA had found out that someone had uploaded a movie to Usenet, allegedly from our IP address, on the evening of July 4. However, at that time, we were out watching fireworks. There is no way we could have been responsible for the infraction. My boyfriend logs all network activity on his machines, and there was no activity at the time we were allegedly dealing in pirated flicks. When my boyfriend suggested that perhaps the MPAA had transposed the IP address, the network guy said that that was not possible. When he asked for a hard copy of the information the MPAA had sent them on us, Network Guy agreed to send one, but as of this writing had yet to do so.

Before we could regain access to e-mail, Time-Warner Cable required a signed letter from my boyfriend promising that he wouldn't upload any copyrighted material. A few hours later, we were able to restore our e-mail accounts. It took over 48 hours to clear everything up.

But it'll take a lot longer than that to undo the real damage. The incident raises some serious questions about where our society is headed, as the corporations who guard intellectual property such as movies and popular music get ever more zealous in their attempts to prevent unauthorized use.

Why did Time-Warner take the word of the MPAA and immediately cut us off without even asking us about the allegations, or even notifying us about what was going on? We were our ISP's customers, not the MPAA -- although, of course, Warner Brothers is a member of the MPAA too. But when we asked Time-Warner about it, we were told that they "had to take immediate action."

I later learned that under the provisions of the DMCA, an ISP does indeed have to take action immediately when it is told about a case of copyright infringement. Doing so protects the ISP from liability for the transgression.

But how exactly did the MPAA get its information about the movie that we supposedly uploaded to Usenet? Is our every move in cyberspace being watched?

Basically, yes. As I researched further, I discovered there is a burgeoning industry based on patrolling the Net for copyright abuses. There is, for example, Ranger Online, a company that provides "Intelligent Online Scanning" technology to organizations such as the MPAA.

I decided to try to find out exactly how the MPAA tracks online piracy. I spoke to Emily Kutner and Hamanshu Nigam of the MPAA and told them that a friend of mine had been accused of online piracy. They walked me through the procedure they use to find cases of copyright infringement.

The MPAA looks for people who are distributing movies in any form that they are not authorized to. It uses Ranger Online’s software to monitor multiple areas of the Internet, including IRC, Gnutella, Usenet, Web sites, auction sites and ftp sites. It does this on an international basis. When it finds a location that is distributing copyrighted material, it identifies the owner and the host of the material. Citing the DMCA, it sends a letter and notifies the alleged perpetrators that they are infringing on a copyright.

When I asked exactly how they find an instance of piracy (for instance, what search parameters they use), Nigam told me the methods were proprietary information. I was particularly interested in this aspect of the process, since I was, and still am, very curious as to how the MPAA decided we had pirated a movie. Nigam did say that by the time an ISP is notified of a copyright violation, every effort has been made to determine that piracy has been committed.

Nigam also told me that if I told him my friend’s IP address, he could find out exactly what had happened in his case. I told him I’d have to check with my friend first. Kutner then said that if my friend were truly innocent, he wouldn’t have anything to hide.

The thing is, he didn’t have anything to hide in the first place, and he was still accused.

My boyfriend doesn’t actually care so much about his good name. He is angry that a service he pays for was interrupted for no reason. And he is worried that the MPAA will harass him some more if he reveals his IP address. Perhaps his fears are groundless, but if you had been wrongly accused and penalized, you would be worried, too.

A large, powerful organization managed to stick its nose in our business and cause us days of inconvenience and aggravation. We weren’t given the chance to defend ourselves until after action had been taken against us. If we are accused again of distributing copyrighted material, we lose our accounts for two weeks instead of one, and face banishment from our ISP. And not a bit of this is under our direct control.

Nigam told me that if my article had a moral, it should be that piracy is illegal and no one should trade movies without permission.

This article does have a point, but it’s not about piracy. It’s about a flawed piece of legislation that allows a person to be penalized for an alleged action before he has the chance to defend himself. The moral of the story is that the DMCA allows you to be tried and judged guilty before you even know what has happened. The MPAA could have my account shut down immediately -– or yours -– and there’s nothing any of us could do to stop it.

The MPA has a Contact/Reward Program for any information that leads to the successful prosecution of movie piracy:
http://www.mpaa.org/anti-piracy/contact/index.htm

IF (and I seriously question the veracity of the author) the IP address was targetted in error or was spoofed by a serious hacker, then the "boyfriend" could hire an attorney and go after the ISP for the loss of service. It would be a lot of money for a little thing, but if there is a regular problem, some enterprising attorney WILL file a class action suit.

I suggest that the statement about the boyfriend keeping logs is a bunch of hooey, and more likely he either did upload the movie OR did not have a decent firewall and had his computer wide open to the control of an outside agent, who used the convenient open high speed connection to upload a file without being caught.

People who do not use a firewall are like drivers without insurance. The rest of us pay for their accidents and I have zero sympathy for them or their problems.

Frankly, the article sounded like a lot of California whining to me.
MP3s and movies are not part of Maslow's hierarchy of needs, and can legitimately be held as private property. If the poor babies can't get email for a day, they need to find the source of the problem and not cry out "Help, Help! I'm being repressed!" like some member of an anarcho-syndicalist commune.

The problem is that it is trivially easy for one cable modem
user to steal another's IP address. All the bad guy needs to
do is find an unused IP address, go into network configuration,
and change his IP address to that address. Then he can do a
bunch of bad stuff, change his IP address back, and no one has any
way of figuring out what happened. Cable modems have extremely poor security.

Another thing is, the allegation is that this IP address was used to upload data onto Usenet. Since the development of the internet, Usenet has fallen to the sidelines, and needs explanation. Each computer participating in Usenet has a list of newsgroups with messages in them. When you post a message to usenet, you upload the message to one computer. Usenet hosts are programmed to periodically talk to each other, and exchange all messages that they don't already have a copy of. This is VERY different from a web based system like film-tech, where a message exists on one computer, and anyone who wants to see that message has to browse to that particular computer. The idea of Usenet is that once I post a message, within hours, that message is on thousands of computers. Someone who wants to read usenet can then connect to any of those thousands of computers.

If the culprit actually did upload a movie to usenet, then that isn't something that is easily or casually done. It involves uuencoding the movie, breaking it into dozens or even hundreds of files, and running a script to post each part to usenet as a separate message. Someone who had gone to all the trouble to learn how to do this would be more inclined to shut up about it, so as not to draw attention, then to write an article to salon about it. Very few people have the skill set needed to get a movie posted to Usenet. It is VERY likely, if not certain, that what happened here is that some hacker hijacked this person's IP address, and uploaded the file to Usenet.

And finally, it should be pointed out that this is an abuse of 17 USC 512. The purpose of a "takedown notice" like this is to disable access to a work or service. In other words, if a person has a computer that is hosting an FTP server, or a Napster server, or a web server with infringing material, then Section 512 can be used to disable access to that server. The purpose of Section 512 is to get infringing material off the net.

What happened here is quite different. Someone used this person's IP address to upload a work onto Usenet. Once the material was uploaded onto Usenet, it was sent all over the world and spread over other usenet servers. In other words, sending a Section 512 takedown notice was inappropriate, because it was not done for the purpose of disabling access to infringing material. In this case, it was done for the purpose of intimidation and reprisal.

In my opinion, the author has damn good reason to be hopping mad. This is a classic case of blame-the-victim. The cable companies are providing an insecure service, where subscribers can trivially hijaak each other's IP addresses, and they refuse to accept that they are responsible when abuses such as this occur, not the IP hijaak victims.

Please don't talk to me about usenet. I've not only used usenet for years but I've reverse traced spammers and had their service terminated, ripped apart aliases, and dug so deep rooting out a__holes that I've been cancelbotted, spoofed into the alt.religion hierarchy with cute little posts about sex with gerbils, received threatening e-mail, and had to send supporting info to the news admin. of my ISP in response to someone trying to get my service terminated. After seeing my supporting documentation, the admin. told me in effect "go get 'em tiger." BTW, I've no desire to be a network admin. after hearing the problems he had to deal with, and I've since become bored with rooting out spammers or publicly ripping them apart.

BTW, uploading to usenet isn't as big a deal as you seem to think. I'll bet even Joe R. could do it.

I'll agree with you that constant-on doesn't have the inherent protection of dial-up against certain types of abuse, such as DOS attacks, and that more advanced hackers with access could do a man-in-the-middle attack, but the relative chances of a M-I-M attack occurring compared to that of a girlfriend being over-ethusiastic about her boyfriend's computer abilities speak for themselves.

"It is VERY likely, if not certain, that what happened here is that some hacker hijacked this person's IP address, and uploaded the file to Usenet." -I tend to agree, but I suspect the method has more to do with lack of firewall protection than any higher level crack.

Scott or someone else can inform you about ISP logs, MAC addresses, and how cable and DSL get shared. Since this isn't usenet and I can't get either DSL or Cable to test out some of what I've read first hand, I'll keep my fangs pulled way in.

The second issue, Sklyarov, is an entirely different issue, but one that seems much more supportable as a bona-fide "free speech" issue. It has all the markings of a set-up for a major test case.