Thursday, November 01, 2007

Oregon Attorney General Says No to RIAA; Files Motion to Quash on Behalf of University of Oregon; Says RIAA Evidence Doesn't Identify Infringer

As reported by Tony Green in The Oregonian:

In Arista v. Does 1-17, a new ex parte case to get discovery from the University of Oregon about the identities of its students, the Oregon Department of Justice has made a motion, on behalf of the University of Oregon, to quash the subpoena obtained by the RIAA.

This is the first such motion of which we are aware that has been made by the university itself, rather than by the students.

It is also the first instance of which we are aware of a State Attorney General bringing a motion to quash an RIAA subpoena.

The motion papers of the Attorney General argue that it is impossible to identify the alleged infringers from the information the RIAA has presented:

7. [We] have attempted to identify all seventeen alleged infringers and have been unable to do so.
8. Five of the seventeen John Does accessed the content in question from double occupancy dorm rooms at the University. With regard to these Does, the University is able to identify only the room where the content wis accessed and whether or not the computer used was a Macintosh or a PC. No login or personally identifiable information, i.e. authentication, was used by the Does to access the University's network because none is required. The University cannot determine whether the content in question accessed by one occupant as opposed to another, or whether it was accessed instead by a visitor.
9. Two of the seventeen John Does accessed the content in question fiom single occupancy dorm rooms at the University. No login or personally identifiable information, i.e. authentication, was used by the Does to access the university's network because none is required. The University cannot determine whether the content was accessed by the room occupant or visitor.
10. Nine of the seventeen John Does accessed the content in question from the University's wireless network or a similar system called the "HDSL Circuit." These systems do record a user name associated with the access. For these John Does, the University can determine the identity of the individual who bas been assigned the user name, however, it is unable to determine whether the content was accessed by the individual assigned that user name or by someone else using the computer associated with the user name.
11. In the case of sixteen of the seventeen John Does, I believe it is not possible for the University to identify the alleged infringers without conducting interviews and a forensic investigation of the computers likely involved.
Accordingly, the AG concludes,
Plaintiffs' subpoena is unduly burdensome and overbroad. It seeks information that the University does not readily possess. In order to attempt to comply with the subpoena, the University would be forced to undertake an investigation to create discovery for Plaintiffs -- an obligation not imposed by Rule 45. As the University is unable to identify the alleged infringers with any accuracy, it cannot comply with its federal obligation to notify students potentially affected by the subpoena. Plaintiffs' subpoena is additionally invalid because Congress intended Plaintiffs to use the DMCA subpoena process to obtain the information they seek, not Rule 45. Lastly, the University should be allowed access to Plaintiffs through interrogatories and depositions to determine whether Plaintiffs have additional information with which to identify
Defendants. For the foregoing reasons, Plaintiffs' subpoena should be quashed.
The University of Oregon is represented by the Attorney General of the State of Oregon.

University of Oregon's Motion to Quash*
University of Oregon's Memorandum of Law in Support of Motion to Quash*

* Document published online at Internet Law & Regulation

Commentary & discussion:

p2pnet.net
The Oregonian
Slyck
Slashdot
Associated Press (via Seattle Times)
Mashable Social Networking News
Digital Media Wire
Tech Spot
Ars Technica
Wired
Electronic Frontier Foundation
The Stranger (LineOut)
TechDirt
Read/WriteWeb
ZDNet
Hard OCP
Wendy.Seltzer.org
Inside Higher Ed
Oregon Daily Emerald
MacWorld
Cornell Blog: An unofficial blog about Cornell University
Sound Opinions
New York Times (log-in required)
U.S. PIRG
Universities Weblog







Digg!



Keywords: digital copyright online law legal download upload peer to peer p2p file sharing filesharing music movies indie independent label freeculture creative commons pop/rock artists riaa independent mp3 cd favorite songs







12 comments:

Steve Robertson said...

You go AG in Oregon! Sweet.

Matthew said...

I think I owe an AG on the other side of the country a beer. This post made me smile.

Alter_Fritz said...

While all the arguments used by the AG are important and valid why the subpoena should be quashed, with my IANAL understanding I think Number 10 "These systems do record a user name associated with the access. For these John Does, the University can determine the identity of the individual who bas been assigned the user name, however, it is unable to determine whether the content was accessed by the individual assigned that user name or by someone else using the computer associated with the user name." is the most important argument since it explains again that an IP-Address or a username (or a screenname like RLG@KaZaA for example) does not identity individuals!
Having such an argument made by an AG now too might help to persuade judges elsewhere to throw RIAA's junk-science, noninvestigation, "information and belief"-suits out as early as possible.

Anonymous said...

That is fantastic news... I'm very suprised a state AG got involved, but it's good to see they did. Hopefully this will prompt more universities to stand up to the obvious extortion tactics that have been employeed by the record industries Goons.

Ray Beckerman said...

This is a good thing.

Essentially the Oregon AG is recognizing that the RIAA's evidence does NOT indicate that the person they're targeting committed a copyright infringement. I can't imagine how the RIAA is going to rebut this, since its own expert witness "Dr. Doug" testified at his deposition in UMG v. Lindor that the MediaSentry investigation can't identify the individual who committed the alleged infringement, and since SONY BMG's in house legal counsel testified to like effect at the Capitol v. Thomas trial.

I think the AG is involved because University of Oregon is a state institution, and is represented by the AG's office in litigation. I am thrilled that Oregon's AG's office is well versed in the law in this area, and am hopeful that other AG's will follow their lead, and that other universities and colleges will show the same respect for their students' civil rights which the University of Oregon has shown.

Russell said...

I think the AG exposed the difference between accusing a college student and a homeowner such as Thomas.

In Thomas there was a limited number of dots and they were able to connect them.

In a University setting, there are so many more dots, and it is harder to connect them without doing discovery.

This motion does not get the students off, it means that the RIAA will have to use more formal, expensive legal procedures to get to them. Time will tell if the RIAA follows through.

Ray Beckerman said...

russell

i disagree with you on the thomas case.... the forensic examination in thomas proved that it hadn't taken place on her computer... all they had was the fact that the kazaa user had used ms. thomas's usual user name, which could have come about in a lot of different ways...

if i had your computer as a zomby i would know in a minute that you use the name "russell" and would use that as my kazaa user name.... if i were an enemy, a jilted girlfriend, an unpleasant or nutty neighbor, etc., i would also know you use the name "russell"...

all that happened in thomas was a perfect storm of a biased and ignorant jury, a ridiculous jury instruction, and a $500,000 full court press by the riaa running dogs.... i don't think that jury verdict will stand...

Steve said...

Item 11 of the university's reply is interesting.

11. In the case of sixteen of the seventeen John Does, I believe it is not possible for the University to identify the alleged infringers without conducting interviews and a forensic investigation of the computers likely involved.

I wonder if the RIAA is going to seize upon that as a reason to oppose the motion -- saying they can still get useful information about one of their targets from their request.

Or would they have to refile each request for information separately and have 16 of them quashed (for these same reasons) to get the information about the 17th Doe? Would the judge let them do that, would he force the university to identify the one Doe they can identify, or would he do something else about that 17th Doe?

Anonymous said...

No mention of illegal joinder of unrelated Doe defendants. Could a Doe say that he was not accused of any infringing activity re: some of the Plaintiff record companies, and demand that they be dropped from the suit entirely?

Wujin L said...

happy to know good news

Sanji Himura said...

I believe, Steve, that you failed to grasp the situation. p. 6 Of the AG's motion stated that all 17 Does can't be identified.

p. 7, 8, and 9 of the motion breaks it all down. Five IP addresses were assigned to Double Occupancy dorms, and while the University can determine what dorm the address is assigned to, it can not determine witch one in the dorm used the computer at the time of "the alleged infringement".

Two IP addresses come from single occupancy dorms. The good point that the AG made is that the Univerity can only identify the person registered in the room, not the person behind the computer.

Nine of the seventeen IP Does accessed the content in question using wireless access. While the University can identify a registered username associated with the use, it would not be able to identify the actual infringer without conducting an investigation to determine if the individual assigned that username accessed the
content or whether someone else borrowed the username to do it.

I think that the AG nailed the RIAA's intentions right on the head. They are looking to sue somebody just to sue.

Marc W. Bourgeois said...

if i had your computer as a zomby i would know in a minute that you use the name "russell" and would use that as my kazaa user name....

Bingo. Plaintiffs in this case repeatedly presented that Ms. Thomas' user name was the same as was used by the KaZaA user. It is perfectly rational to conclude that if Ms. Thomas' computer was broken in to that the same user name would be used.

There was no way to prove or disprove that since shortly thereafter Ms. Thomas' hard disk was replaced. I thought a potential break-in could have easily led to computer malfunction that caused her to eventually bring the machine in for this repair.

This is just one of many potential explanations for that case. There's no sense in my going in to them since that is not on the topic of this post.

More on topic, it is good to see that a university has made a motion of this sort. Most other universities have decided that since they themselves are a non-party it is not prudent to get involved and simply respond to the subpoena with their "best guess" of who is responsible.