Saturday, July 14, 2007

Virginia Judge Denies RIAA Ex Parte Motion Against College of William and Mary students in Interscope v. Does 1-7

In Interscope v. Does 1-7, an ex parte proceeding in the Eastern District of Virginia, in Newport News, Virginia, in a 5-page decision by Judge Walter D. Kelley, Jr., the Court denied the RIAA's ex parte motion for an order granting discovery into the identities of students at the College of William & Mary.

This is the second such ex parte motion of which we are aware that has been denied recently, the first being Capitol v. Does 1-16, in which the RIAA sought information about University of New Mexico students.

July 12, 2007, Denying Ex Parte Motion for Discovery*
(Published at 494 F. Supp. 2d 388)vacated on reconsideration 6/20/08)

* Document published online at Internet Law & Regulation

Commentary & discussion:

p2pnet
Slashdot
Ars Technica
Slashdot (Story on multiple cases)
The Flat Hat

Digg!



Keywords: digital copyright online law legal download upload peer to peer p2p file sharing filesharing music movies indie independent label freeculture creative commons pop/rock artists riaa independent mp3 cd favorite songs

7 comments:

bbsux said...

All I can say is, wow.

The way I read this sounds like:
------
Not only are you misreading/misapplying the law you quote to subpoena the info, the only other law that could possibly support your claim is listed here -- however it would only allow for you to order a "block" of the infringing material and not get personal information.
------
Am I right?

Ray Beckerman said...

bbsux said.....

The way I read this sounds like:
------
Not only are you misreading/misapplying the law you quote to subpoena the info, the only other law that could possibly support your claim is listed here -- however it would only allow for you to order a "block" of the infringing material and not get personal information.
------
Am I right?


100% right.

Judge Kelley said, in a slightly more polite way:

"the whole statutory basis for your motion is nonexistent.... why didn't you read the statute before citing it?" and

"why didn't you mention the real statute for this kind of thing, which DOESN'T allow this kind of motion against a COLLEGE?"

Mike O'Donnell said...

It's not key to this decision, but I am disturbed by the assumption about IP numbers that appears to be accepted without question in a number of legal discussions, including this court decision:
"Plaintiffs have identified each defendant by the unique Internet Protocol ("IP") address assigned to that defendant on the date and time of their alleged infringing activity. Plaintiffs seek to discover from the College the identity of the persons to whom these IP addresses were assigned."

1. IP addresses are never assigned to persons. They are assigned to network interfaces on particular hosts or virtual hosts. A virtual host is pretty much any computational abstraction we like.

2. IP addresses are not assigned by any authority with the mission to identify the persons responsible for the network interfaces to which they are assigned. In most cases, the assigner has no competence to make such an identification.

3. Most IP addresses are in fact assigned by an immediate neighbor on a local area network. Furthermore, that neighboring router is the only agent that deals with the assignment in any way. Incoming traffic to a given IP address reaches the "assigned" interface through the information stored only at that neighboring router.

4. Network protocols provide no way whatsoever to determine whether incoming traffic to a particular IP address has been solicited by some action at that address, or is gratuitous. (It is not at all crazy to worry that some offending traffic is generated by RIAA action in its attempts to identify offenders, and probably not even as a conscious attempt to frame the recipient).

5. The IP number given as return address in a packet is provided initially by the actual sender, which may (and in the case of an attacker often does) provide an address used by another interface not at all involved in the production of the packet. So the return IP address in a packet received by an RIAA detection effort does not indicate even the IP address of the actual sender in any reliable way.

I am one of at least thousands of people who could easily provide expert testimony on the points above.

Tracing of identities through IP numbers can definitely have value in law enforcement, but by itself an IP number on a packet has only suggestive value and is not reliable evidence at all. The association of packets bearing a particular IP number with the actions of a particular person depend on assumptions about the behavior of that person and all other persons who take actions causing packets to be transmitted (since any IP number can be entered by any network software anywhere, with no necessary connection to the network interface "assigned" that number).

Mike O'Donnell
http://people.cs.uchicago.edu/~odonnell/

Larry said...

I'm not sure the Judge in this case is making that assumption. I think he is just stating a fact that the way the plaintiffs have identified Does 1-7 is by IP address.

Mike O'Donnell said...

"I'm not sure the Judge in this case is making that assumption."

Nor am I, nor did I mean to suggest it. The assumption is there, it was not refuted (perhaps only because the case was decided on other grounds), it needs to be refuted.

Mike O'Donnell

AMD FanBoi said...

AT MINIMUM, at this point in the proceedings the RIAA should be required to do more than just supply IP addresses, a timestamp, and a file list. They should be in some way required to show that their collection of IP addresses is accurate, AND MORE IMPORTANTLY, that their computer clocks logging this information are completely accurate.

And before ANY ISP RESPONDS by giving out subscriber information based on this information, THEY SHOULD BE REQUIRED to verify the accuracy of their own logging timestamps.

THIS IS CRUCIAL in identifying the Internet subscriber who is about to be extorted and likely sued, and even identifying that subscriber hardly identifies which computer, and which person, might have actually been sharing files! Given the amount of grief about to be descended on the identified person, this evidence should be subjected to the closest scrutiny, and pass a high bar of accuracy, before any identifying information is released. For now, it seems to be taken verbatim, and without question.

Interesting that this is listed as the Cable Communications Policy Act of 1994. Does this mean that DSL-based broadband receives different treatment than cable? What about a WiFi connection? College connections may well be direct direct network connections, which are none of the above. Certainly the RIAA cannot know what type of connection an individual user has without already knowing who that user is? An IP address doesn't automatically tell you the type of connection in use. Or just who the probable owner of that IP address space actually is.

So how is it that this point has never come up before? Let me guess. Nobody has ever seen the ex parte subpoena motions before. I certainly don't recall seeing any of them posted here before. This probably explains why.

Ray Beckerman said...

AMD FanBoi said...

So how is it that this point has never come up before? Let me guess. Nobody has ever seen the ex parte subpoena motions before.


You're good.