Thursday, April 03, 2008

RIAA's Boston University Subpoena Quashed in Arista v. Does 1-21

Thanks to p2pnet.net for alerting us to this story:

In Arista v. Does 1-21, the RIAA's case targeting Boston University students, the RIAA's subpoena has been quashed by District Judge Nancy Gertner.

The 52-page decision recognized privacy rights of students, and the existence of First Amendment issues in disclosing the identities of anonymous people accused of copyright infringement, and engaged in a balancing test between those rights and the rights of copyright owners, and quashed the subpoena in the first instance.

But the ruling is not final. Judge Gertner permitted the RIAA to subpoena just Boston University's "terms of service agreement", if there is one. She is then going to review that agreement in camera before deciding the larger question as to whether the RIAA is entitled to subpoena student identities. The judge felt that without the "terms of service agreement", she could not determine what the students' expectation of privacy is, and therefore could not complete her balancing test.

The decision, which came out the very same day as the Elektra v. Barker decision, covered some of the same issues as Barker.

For example, Judge Gertner agreed with defendants that there is no "making available" right. On some issues she came to different conclusions than those reached by Judge Karas. For instance, the Court correctly pointed out that "publication" and "distribution" are NOT synonyms under the Copyright Act, and that distribution DOES require actual dissemination of copies.

The judge rejected the EFF's argument -- debated between the EFF and the US Department of Justice in Barker but not raised by plaintiffs or by defendant in that case and not decided by Judge Karas -- that electronic transmissions could never implicate the distribution right.

March 31, 2008, Decision (542 F.Supp.2d 153, 2008 WL 887491)

(Alternate link)*
(Alternate link #2)

* Document published online at Internet Law & Regulation

Commentary & discussion:

p2pnet.net (My source for the story)
EFF DeepLinks
p2pnet.net
Patry Copyright Blog
Slashdot
Associated Press (via SiliconValley.com)
FurdLog
Boston Globe
FindLaw




Keywords: digital copyright law online internet law legal download upload peer to peer p2p file sharing filesharing music movies indie independent label freeculture creative commons pop/rock artists riaa independent mp3 cd favorite songs intellectual property

13 comments:

Igor said...

I'm only half way through this, but I have to say this is one of the best written, clear and easy to understand opinions I've read in a long time. More judges should write like her (whether I agree with them or not on their rulings).

So far this paragraph stands out rejecting the making available argument:
"The plaintiffs suggest two reasons why an actual distribution
might not be required. First, the statute reserves to the
copyright owner the right "to do and to authorize . . . [the
distribution of] copies or phonorecords of the copyrighted work to
the public." § 106(3) (emphasis added). The language appears to
grant two distinct rights: "doing" and "authorizing" a
distribution. Making the copyrighted material available over the
internet might constitute an actionable "authorization" of a
distribution. Second, if mere authorization is not enough, the
plaintiffs argue that in appropriate circumstances -- including
these -- "making available" copyrighted material is sufficient to
constitute an act of actual distribution. Neither argument has
merit."

Anonymous said...

After a quick look at the order, this looks like a push. The Court has allowed them to re-submit the motion for ex parte discovery but wants to examine the university's terms of service to determine what, if any, reasonable expectation of privacy they have.

Mike

Anonymous said...

The source of the story is EFF, not p2pnet.net. http://www.eff.org/deeplinks/2008/04/making-available-distribution-says-court-london-sire-v-doe

fred

Anonymous said...

I note, with exceptional disappointment, that the court is not considering the legality of the evidence presented (IP addresses, time-stamps, lists of purported files found) in its decision so far.

Nor does it seem to consider that although these cases may never be possible to be proven by actual legal factual evidence, that revealing of private identity information at this point will subject the victims of this to great abuse outside of the judicial system itself. Abuse which this judge is powerless to prevent.

Nor does the judge seem to recognize the sham, fraudulent nature of these mass discovery cases. Rule 11 anyone?

MediaSentry gathers what information it can about the computer from which the files were downloaded (the "sending computer.") Most crucially, that information includes the date and time at which the files were downloaded and the IP number of the sending computer.

Most crucially, this is COMPLETELY WRONG on the judge's understanding of the technology. Any simple router, as well as other network devices, may change that IP address as seen at the far end of the P2P connection, and transparently change it back on the return messages. This is much more than just a dynamic IP address, which the judge recognizes as distinct from a static IP address. THIS IS CRUCIAL to show that Media Sentry and the RIAA haven't identified ANYTHING!

As for the need to expedite discovery – the huge rush to avoid any opposition – that is easily cured by an order to preserve the relevant records. Like digital music files that make perfect copies, digital log files don't degrade over time. Now we have no need to rush in any longer.

The RIAA scores points with a judge here who loves the joinder of unrelated defendants, which is highly disappointing.

the claim must be supported by prima facie evidence. That standard does not require the plaintiffs to prove their claim. They need only proffer sufficient evidence that, if credited, would support findings in their favor on all facts essential to their claim.

I never hear this question asked in the form of: The pleading must be viewed in the light most favorable to the plaintiff, considering as true the facts they have pleaded, and drawing all reasonable inferences in their favor. But if the only evidence the plaintiff has to present is illegally gathered evidence, how can that be viewed in any favorable light? Remove the illegally gathered evidence and the plaintiff has no evidence at all – only hearsay that someone copied an illegal file from someone else at this IP address at this time, provided that this was accurate to start with.

This whole business about "offering" to distribute, P2P may quite reasonably be viewed as a "poor man's website". In fact, it's much more that than an "online media distribution system." Most home users can't run their own web-sites because their ISP blocks access to those ports. If you want to perform a non-infringing act, like make your home file library (which may include music files) available on your work computer, you can run the same P2P system on both of them, so that one computer can see the other ones available files. This gets past ISP restrictions, and is a reasonable way for family members to share files of all types (e.g. baby pictures). Chalk that up as a non-infringing use.

Here's another question about distribution. If I play my stereo really loud, and my neighbor hangs a microphone out of his window and records that music, have I illegally distributed it to him? I never invited him to copy my music, any more than a P2P file sharer (as opposed to a file trader) as ever contacted any other P2P user and said, "Copy my stuff." There seems to be a fine line here.

And then there's:

thereby demonstrating that distributions could occur.

Here the judge ignores Twomby completely and engages in the merest of speculation. You know, I could rob a bank too. I have a mask and a getaway car. But that doesn't mean I ever did.

As noted above, [defendants] are not required to win their case in order to serve the defendants with process.

Defendants should at least be required to show that IT'S AT LEAST POSSIBLE that they could win their case. They can't, short of forcing defendants to confess.

To show infringement, the plaintiffs are obliged to build a chain of inferences.

Call it what it is: A House of Cards!

While the plaintiffs must eventually prove that an actual infringement of those rights occurred, they may certainly do so through circumstantial proof and inference.

Though smoke and mirrors and b.s. Because the defendant COULD HAVE DONE THIS, that is EXACTLY THE SAME as if HE DID DO THIS. A truly sad statement of the state of justice in America.

drawing a reasonable inference in the plaintiffs' favor, one did occur.

And which one was that? Perhaps not one belonging to any of the plaintiffs in this case. Perhaps not one copyrighted at all. This judge is saying, in effect, that EVERY FILE SHARED was COPIED ILLEGALLY AT LEAST ONCE! That's the worst overreaching assumption of all! Chances are with many P2P users, many files shared are never copied by another user because there are so many other copies out there available.

In addition, I am astonished by the complete lack of any mention of FERSA at all by this judge. Students DO have an expectation of privacy that extends beyond that of any specific ISP agreement with them.

Lastly, Jane Doe who asserts a lack of jurisdiction over her since she is not in Massachusetts is kept in the case because she "might have infringed while on a trip into the state." Would it be sufficient for her to prove that she wasn't in the state during the time that the IP address that allegedly identifies her was detected by the illegal Media Sentry investigation? That is the only record of infringement that can be tied to a specific time.

So far this quash only seems to be a minor delay, a speed bump, in the RIAA juggernaut's path.

XK-E

Alter_Fritz said...

I'm thru with reading it, maybe you take my word about the effect of it: ;-)
As I understand it she did not squash it, but changed the sup in so far that she ordered the uni that it disclose the information only to the judge for in camera review first and should not disclose ANY information to plaintiffs at this stage.

So much as to the effect insofar I as in IANAL understand it, now some normal comments:

Cool, this judge took much effort into writing this order! She had gone to great lengh in explaining stuff and in the end this piece of her has parts for every party to cite favorable for their own course :-)
For example "good for defendants" was this part:

MediaSentry, posing as just another peer-to-peer user, can easily verify that copyrighted material has been made available for download from a certain IP address. Arguably, though, MediaSentry's own downloads are not themselves copyright infringements because it is acting as an agent of the copyright holder, and copyright holders cannot infringe their own rights. [footnote omitted] If that argument is accepted, MediaSentry's evidence cannot alone demonstrate an infringement. The plaintiffs suggest two reasons why an actual distribution might not be required. First, the statute reserves to the copyright owner the right "to do and to authorize . . . [the distribution of] copies or phonorecords of the copyrighted work to the public." § 106(3) (emphasis added). The language appears to grant two distinct rights: "doing" and "authorizing" a distribution. Making the copyrighted material available over the internet might constitute an actionable "authorization" of a distribution. Second, if mere authorization is not enough, the plaintiffs argue that in appropriate circumstances -- including these -- "making available" copyrighted material is sufficient to constitute an act of actual distribution. Neither argument has merit.

I find it interesting how she wiped plaintiffs arguments away with just 4 words.

She also had some points in "favour of plaintiffs" in it but RIAA-Richard gets big money for finding them, me does not, so no quotations of that kind.

two other points I do however find a bit strange resp. troublesome;
first this argument very early in this order that the consolidation of all the unrelated does in this one old Sire case number from 2004 could help those does to "see the defenses of the other does"(!) While I personly find this a nice Idea since it might actually help them, I'm still being a bit troubled that privacy concernes seems to play no role in this argument. Maybe some of the does do not want that other does learn so much about their alleged downloading habbits/musical taste ect.

And last but not least Judge Gertner's resoning that because MediaSentry was able to downlaod the song Clocks at a specific date/time she also mentioned that it could be concluded from that fact that the files could indeed be downloaded from the Doe by other "genuine" p2p participants.

I find this reasoning highly troublesome!

While Plaintiffs don't get tired to say that MediaSentry does not do what others could not do too (while at the same time claiming their methods are highly confidential tens of thousands of menhours development work results and this and that and what not) no defendant nor any court knows so far what exactly they do to be able to download all those songs. Just because THEY were able to download Clocks from that one Doe, does not automaticly make it reasonable to assume the public without all those secret tools and tens of thousands of menhours investment into the ability to downlaod copyrighted songs would have been able to do the same at that mentioned date/time!
Using special software
-like MS does and even somehow gain access to networks that are not open to the general public in the first place like "internet2" for example-
to boldly go where no legitimate p2p user has gone before, is not the same as walking into a library and lending an illegal copy from the shelf which any 5 year old could do without tens of hours of training and skill to reach the shelfs.
If I were a judge that had to draw conclusions from the fact that MS could do something, I would be highly suspicious and carefull in assuming that their results could be projected onto what the public might be able to.

Justin Olbrantz (Quantam) said...

This looks big. I'm eagerly awaiting your explanation of the ruling.

Usage May Vary said...

Is it me or does this sound like an extremely narrow quash of the subpoena?

After reading it seems like the judge was saying "You are asking for the wrong things in the subpoena, everything else was sufficient, go refile with the proper request". As opposed to just outright refusal.

I am really concerned for the rights of the students on this one....so many different levels of invalid information, I'm surprised the judge accepted the ones considering the "yes, that IP address is yours" equivalent.

Ray Beckerman said...

Dear anonymous fred:

p2pnet is the one that informed me of the decision...

eff didn't...

the defendant's lawyers didn't....

my source was p2pnet

Anonymous said...

I note that the university doesn't know, from an IP address, a timestamp, and the MAC address its logs give from the first two, if it has identified a computer, a NATing, router, or any other sort of TCP/IP enabled device. Nor does it know who that device belongs to, let alone who was using it at the time.

As such, the university would be completely truthful to respond that we cannot identify any specific individual from the information provided any more than you could when you submitted it to us.

Universities would solve much of this if they just quit keeping logs for longer than a couple days when not required by law. The problem is that I.T. people just love gathering, having, and hording every bit of data they can get their hands on - no doubt to justify their next budget increase.

-DM

Igor said...

Yeah DM, that's exactly why they do it. I can think of no other reason for doing that. Absolutely none (sarcasm).

Justin Olbrantz (Quantam) said...

Gah, these two have been nasty decisions. Between reading this blog, the EFF page, and the Ars write-ups on each, I have no idea what they're really saying, as the three sources tend to conflict :P

Anonymous said...

DM,
We store the log files because of e-discovery obligations that none of us techies understand or care about. Only that our general counsel say we must set a reasonable unified policy on how long we store information, that be emails, backups, log files, anything electronic.

Anonymous said...

See Wm Patry's comments on this case on his blog entry of 4 April at
williampatry.blogspot.com .

"Interested Observer"