Tuesday, February 13, 2007

RIAA Adopts New Policy, offers "Pre-Doe settlement option" if ISP Holds Logs Longer, Asks ISP's to Correct Identification Mistakes

The RIAA has sent out a letter to ISP's attempting to change its prelitigation policies:

Letter from RIAA to ISP's*

While we have not had time to analyse the letter in detail, some of its interesting features are:

-creation of a new "Pre-Doe settlement option";
-it will only make the "Pre-Doe settlement option" available to customers of ISP's who agree to preserve their logs for 180 days;
-the "Pre-Doe" option will supposedly allow settlement at a reduced amount, with a discount of $1000 or more, if they settle before a John Doe lawsuit is brought;
-the RIAA will be launching a web site for "early settlements", www.p2plawsuits.com;
-the letter asks the ISP's to notify the RIAA if they have previously "misidentified a subscriber account in response to a subpoena" or became aware of "technical information... that causes you to question the information that you provided in response to our clients' subpoena";
-it requires ISP's to notify the RIAA "as early as possible" as to whether they will enter the 180 day/"pre-Doe" plan;
-it mentioned that there has been confusion over how ISP's should respond to the RIAA's subpoenas;
-it noted that ISP's have identified "John Does" who were not even subscribers of the ISP at the time of the infringement; and
-it requested that ISP's furnish their underlying log files as well as just the names and addresses.

* Document published online at Internet Law & Regulation

Commentary & discussion:

Ars Technica
Geek News Central
boing boing
Digital Citizen
Ratiatum (French)
Digital Media Wire
What the Geek?
Corante Copyfight
iMedia Law Blog
Security Lab (Russian)
Rock Lawwwbster
Domain Name Rights Coalition
The Inquirer
Heise Online (German)
gulli (German)


Keywords: digital copyright online download upload peer to peer p2p file sharing filesharing music movies indie label freeculture creative commons pop/rock artists riaa independent mp3 cd favorite songs


Unknown said...

Well, wouldn't this just be ducky? This gives the riaa two advantages....one, this may save them from suing the dead, and two, if they get to these infringers fast enough, they need not bother with nasty things like defendants lawyers and judges....basically, they would just send out a bill and the people would pay it.

With them holding out the proverbial "carrot on a string", that being $1000.00 reduction, why, the infringers should just be thrilled to pay this fine and get the riaa off their backs.

Wow, the riaa just hates it when they lose a case, that being the Foster case. Guess they think this new pre-Doe settlement will help their "cause" and prevent them from making THAT mistake again.

Well, good luck with that riaa...I mutter under my breath facetiously.

AMD FanBoi said...

This is like the offering from the local mob boss who says, why bother with the courts when we can scare you into settling without even involving them. We're doing you a favor here. Sure we are. We've proven we'll sue a few thousand of you, and even if we have yet to win at actual trial, do you want to take the chance of being the first? We'll frame it in terms like we're doing you a favor, but we're making it very clear that we want to deprive you of any remaining rights you might have, and cut off any chance that your ISP employees might actually direct you to places where you can truly fight back. I foresee this as being the start of a true mass extortion campaign of them sending such notices to everyone Media Sentry has ever managed to believe they've identified. This totally bypasses the need for going to the courts to get your extortionaire threats delivered to Americans cheaply en masse. And to top it off they claim they really have many people who would have been happier to settle sooner for less. I personally doubt they have anyone happy about this at all, and that the huge increase in threats and intimidation this portends will leave even less people happy than before. As for keeping ISP logs voluntarily for 180 days, I'd switch in a moment to any available ISP who didn't keep logs at all. Nice little ending where they say the lack of log files is the subscriber's problem because they can't be exculpated afterwards without this evidence. Kind of, you're guilty because we say so, so now prove your innocence. And of course they want to avoid prolonged litigation – for themselves!!! Steve Marks is no member of the Human race.

Anonymous said...

When I read the RIAA's new letter to the ISPs asking them to direct their customers to the website p2plawsuits.com, I impulsively registerd the domainname "p2plawsuitssuck.com". Thought the ISPs might get a kick from including that reference also in their notification to their customers. Just don't know quite yet what do to with it. Give it a day to get settled in with the dns servers and then go there and send me your suggestions as to what we could do with this.
-george little

AMD FanBoi said...

On further reflection I can see that this is intended to get those people who are going to settle anyway, to settle quickly without having to go through the courts at all. This allows the John Doe cases to only be filed against recalcitrant citizens. This amounts to a huge cost, time, and effort saving on the RIAA part by having the ISP's deliver the threats that the RIAA cannot otherwise manage to get to the Internet users without a lengthy subpoena process. As I've already commented, this will allow them to attack many more citizens, more rapidly, than ever before. In fact, expect letters to go out as fast as Media Sentry can provide IP addresses and times, unless the ISP's rebel at the efforts and bad PR of having to notify so many customers. This is all intended to create the fear that there's no place to hide from the RIAA snoops. They can get to you now without having to deal with the courts at all. I sincerely hope no ISP falls for their propaganda that this "Is for the customer's benefit, and what they're crying out for." No doubt the RIAA intends to sue every alleged filesharer in existence, and now that they believe they've established their street cred here, this is how they plan to accomplish it. Calling them scum (they say they're doing it for the starving artists, but the artists aren't seeing much, if any, of the money) is an insult to scum. As with all blogs, this is an opinion.

StephenH said...

This new policy shifts the role from the RISS to ISPs, and wants people to simply settle and essentially plead guilty by simply sending them a bill. It is essentially like a plea agreement in disguise.

Worse yet, it does nothing against innocent user protection, or do anything in the forensics arena to address the potential for innocent users. I think that the people of Holme, Roberts, & Owen, as well as the RIAA itself should read Gary Millin's depostition in BMG Canada v John Doe throughly. A professor at my school who teaches Client / Server Programming, admits that IP addresses and times don't prove ones indentity. The Capitol v Foster, Priority Records v Candy Chan, and other decisions should send a clear message to RIAA.

Unknown said...

No doubt the RIAA intends to sue every alleged filesharer in existence, and now that they believe they've established their street cred here, this is how they plan to accomplish it.

Why would the RIAA care about whether they sued every alleged filesharer... The have already shown that they will sue reguardless of whether they actually shared any files in the first place. It's just big money and deep pockets going against the people to make more money for themselves. This just allows them to use Bush-style shock-and-awe tactics to try and extort more money without having to pay court costs. It's a win-win situation for them and a lose-lose situation for individuals.

Just send a message to the RIAA members pocket books and refuse to buy or use their members products/offerings at all. There are other alternatives.

AMD FanBoi said...


How about links to eff.org, and this web-site for starters?

Anonymous said...

One goal of this appears to be to get the ISPs to use the RIAA's form letter to contact their subscribers. Unsurprisingly, that letter describes events the way the RIAA would like to see them, in three ways:

First, it states that the ISP will comply with a subpoena. In reality, the ISP might choose to fight the subpoena, if it was improperly written or served.

Second, it recommends that the customer should contact the RIAA with any questions. Of course, as soon as the customer calls that number, they've saved the RIAA the trouble of filing a subpoena in order to identify them, so it's probably the *last* thing that the customer should do.

Finally, it makes no mention of consulting a lawyer, which is the *first* thing someone in this situation should do.

So, as I see it, this is really an effort to try to smokescreen the customer into entering settlement procedures before finding out what their real rights are or obtaining legal council, thus ensuring that the RIAA is in a position of maximum advantage.

Unknown said...

How about a list of ISP's complying with the RIAA? As cheap as broadband is today, I would switch to an ISP that does not comply with the RIAA without a court order.

Anonymous said...

problem might be; sooner or later this "long time log keeping" will become the law (in the EU for example they are dealing now with laws that make 2 years(!) log keeping time mandatory). So your US-ISP might have no chance to resist and you will not benefit from switching. :-(

What I can imagine now (supposed this letter is genuine) however: An ISP that will take this offer and as an PR stunt will announce that his customers can "steal" content cheaper!
There are more then 60 million americans that already used p2p according to some measurements. That's a huge userbase for an ISP! And given the beforementioned probability that this long logkeeping will happen sooner or later, why not profit from a reduction when the RIAA "catch" you? If I were american, I would choose such an ISP ;-)


IndieMusicMan said...

p2plawsuitssuck.com is now up and running.

Anonymous said...

to help those frightend guys after they recieve one of those new letters the RIAA announced and then panicly asked google for help: ( a link their robot might find helpful)

I got a letter for copyrightinfringement

IndieMusicMan said...

Great idea Anon! I have posted a request for links on the site also. Spread the word and lets get this site to the top of the search engines before the RIAA even launches theirs.

Anonymous said...

It seems to me that the RIAA is using the ISPs to do *their* jobs. I wonder how much time and money it takes for an ISP to do the work the RIAA is asking them to do? Validate that their logs are being kept long enough and are accurate, look in the logs for the IP address, and send out a letter to the subscriber (excuse me...infringer). If I were an ISP and the RIAA flooded me with many letters, I would send *them* a bill.

Something just seems backwards here.

recordjackethistorian said...

What this letter does is attempt to seduce the ISPs into giving up confidential customer information which they legally do not have to do except under court order. This letter in itself should be illegal. It is an attempt to get the ISPs to violate the trust between a business and its client.

As well as having worked in music retail for a number of years I am doing some systems adminstration work. Because of the nature of what we (system adminstrators) do, we have privilaged access at the highest level to almost everyhing that runs through the wires we administer. I'm sure every systems adminstrator feels the the way I do: that we have an obligation to live up to the trust our customers or clients have in us. They trust us with their most confidential communications and are honour bound if not also legally bound to honour that trust. The RIAA is attempting to break that trust. Of course the implication is that the holder of the account is guilty and invites the ISP to make the same assumption. Were I an ISP, I would want to see the Media Sentry source code before I did anything like they are suggesting. I'd not have confindenc in anything less. Just look at the Diebold voting machine scandals. Unaudited code is always suspect.

The ISPs obligation is to the customers who pay them, NOT to the RIAA. Any ISP who cooperates ith the RIAA should be instantly boycotted as untrustorthy. If they will do this for the RIAA, then basically their logfiles.. AND by the way, every single word in every email you send in clear text is far game and can be bargained for in some manner. This is highly offensive.

AFter what Sony/BMG embeded in their CD's last year now this attempt. The main distinguishing caratacteristic of a root kit, the one that distinguishes it from all other malware is that it is a betrayal of trust. The RIAA plans yet another kind of root kit, one where the ISP betrays their custoomers confidence and their privacy.

the RecordJacketHistorian