Monday, March 17, 2008

Fireworks in Phoenix, several motions being fought out in Capitol v. Weed

In a Phoenix, Arizona, case, Capitol v. Weed, there are several key motions pending at this point:

-defendant's motion to dismiss the complaint; and
-defendant's motion for leave to interpose counterclaims.

Additionally, the parties were able to reach agreement on a stipulated protective order for an examination of the defendant's hard drive.

Motion to dismiss complaint*
Opposition papers*
Reply papers*
Supplemental authority submitted by defendant*
RIAA response to supplemental authority*
Motion for leave to interpose counterclaims*
Opposition papers*
Reply papers*
Stipulated protective order for examination of defendant's hard drive*

* Document published online at Internet Law & Regulation

Keywords: digital copyright law online internet law legal download upload peer to peer p2p file sharing filesharing music movies indie independent label freeculture creative commons pop/rock artists riaa independent mp3 cd favorite songs intellectual property


Anonymous said...

My, my. The


Is fine reading, with such classics as:

"Since getting the first pre-lawsuit letters, Ms. Weed has been abused,
threatened, and lied to by the RIAA Settlement Agents. Indeed, one need only look
to the actions of Amy Bauer, counsel for Plaintiffs, for facts sufficient to support an
Abuse of Process claim."


" Plaintiffs admit
the existence of the civil conspiracy by confessing that MediaSentry – Plaintiffs’
investigators –engaged in criminal acts in the course of their unlicensed and
unauthorized private investigation under Arizona law and the Computer Fraud and
Abuse Act. (Plaintiffs’ instant motion, at p 1, l. 25 – p 2l. 6.; p. 8 ll. 8-21).


Indeed, unlicensed investigation is so serious that
in Security Farms v. International Bhd. of Teamsters, 124 F.3d 999, 1016 - 1017,
n. 24 (9th Cir. 1997), Rule 11 sanctions against an attorney were affirmed on
grounds including that the investigator was unlicensed. "

I really hope a judge will finally call them on this patently unethical behavior. It is getting, one would think, hard for even for generally pro-business judges to ignore.

Alter_Fritz said...

Ray am I allowed to ask plaintiffs' lawyer Amy Bauer a few questions?

Hi Amy!
you confess in your court filing dated 18.01.2008 that "Second, MediaSentry conducted no activity in Arizona. MediaSentry
logged on to the KaZaA file-sharing network, just as any user of the KaZaA
program could do, from its offices. [...] From its offices MediaSentry
was able to observe all of the sound recordings that Defendant was distributing for
free to other KaZaA users. Thus, neither MediaSentry nor Plaintiffs conducted and
any activity in Arizona that would subject them to Arizona state law,
Arizona’s licensing scheme cannot apply to non-Arizona entities conducting
activities in other states, especially where such entities may be subject to other
licensing requirements.
So would you be so nice to answer my< following questions
1) Where are their offices located?

2) How does any likely answer to 1) work out with the sworn testemony of MediaSentry boss Millin that they work from places all over the world (asia/england ect.)

3) if your answer to 2) names on town in one state of the USA do i get from your above quoted confession that Media Sentry is "subject to [a state which is not Arizona] licensing requirements."?
3a) Does MediaSentry has such a License?

4) If MediaSentry works from its offices like you confess, can you tell me how they got access to Internet2 as explained by blog commentor Igor a while back. Are their offices in a RIAA building since RIAA was/is a member of internet2 according to the memberlist of

5) Can I get back to you with more questions later if more come to my mind, And do you mind if some lawyers for defendants like to ask you and your RIAA lawyers more unpleasant questions too?

Thanks Amy for your cooperation.
Looking forward for your answers!

Alter_Fritz said...

Can we ("we" as in the poor guys without PACER access) have exhibit A the transcript of the "illegal" messages by Amy to the cell phone too please?
I would love to read that :-)

P.S. As an information for you lawyers that deal with harddrive inspections.
When doing forensic inspections you are not dealing with "files" on the computer as in tax return.doc, loveletter.txt.vbs or stolencrappyriaaartist.mp3!
you are dealing with "sectors" on the harddisk.
The "expert" of the RIAA does not look at the harddrive like you do when you use your wordprocessor software to create a letter to your client and vice versa for the client if she creates one for you..
When defendet deletes this letter after printing and sending a copy to you attorney, in windows explorer you don't see it anymore as an existing "file" so you will not include it in a privilege log since "it isn't there anymore", but it is still on the hdd scattered among many different sectors. Dr. Doug and any other person with forensic software and access to a bit identical copy of that hdd would then be not only able to, but also allowed to read this information which is likely protected by your AtoC privilege since you have the content of those sectors not included in any privilege log that applies only on a "file" interpretation/wording/level like the judge signed here.

Anonymous said...

Since this is yet another case where the RIAA falsely claimed in their demand letter to have all the necessary evidence to prevail at trial I'm wondering why the judge let them have discovery on the hard drive? Seems redundant. Either their claim was true or it wasn't, and if it was a lie then they deserve to be sanctioned and tossed out of court.

Justin Olbrantz (Quantam) said...

Ray, this seems off-topic for this particular post, but I'm hoping as many people as possible can see it - it's a summary of what I think are and are not valid arguments to make against MediaSentry investigations in court, from someone in the computer science profession (though I attempted to not get too technical with it). I've also posted this on my blog at What's the Matter with MediaSentry which may have more technical replies (if my blog even gets enough traffic to generate questions). I hope it's of use to use and/or your readers.

Let me attempt to give a brief sketch of how P2P applications work, targeted toward non-comp-sci people, particularly with respect to the RIAA file sharing suits. This is taken from the general knowledge I have about P2P programs as a computer scientist, and in some cases I know specific things about specific applications.

Basic Architecture
In P2P applications, individual computers act as either clients or servers (or both at the same time), depending on whether they're downloading, uploading, or both at a given time. Somewhere there is a list of computers in a given P2P network - which users must join at some point. For eDonkey, you log into a large network when you start the program, and these large networks contain many peers who may never communicate with each other. With BitTorrent, you are logged into a small network - only containing the files you are downloading/uploading (e.g. MP3s of a single CD) - only while you are downloading/uploading, and you may be connected to many such networks at once.

Somewhere there is a directory of users. This may be stored on a single server (I believe eDonkey was this way), or a network where a computer asks another computer "who have you seen recently?", and then asks that question of all the computers that are returned from the query, etc.

In all cases (unless you've got some kind of file-sharing virus, which I'm actually surprised we haven't seen before), the user voluntarily logs into and out of the network(s) through various actions. As well, files which are shared must be "voluntarily" shared, either from a shared files folder or by tracking specific files that should be shared; however, most programs will automatically share any files you download from other users (and I've heard some programs, when installed, automatically search for and share files that the program thinks would be good to share).

Depending on the system, peer and/or the directory server may not know all the files a given computer has available for sharing. Similarly, if you ask a given computer what files they're sharing, it may or may not be a complete list. In torrents, it only shows the files in the particular torrent; I believe eDonkey lists all shared files. All P2P systems have a way of asking a particular computer what files they are sharing, although the completeness of the response varies.

Okay, getting to the specific legal issues.

Method of Obtaining an IP and File List
First, as there are standard and intended methods of asking a computer what files it's sharing, it's (probably) not true that MediaSentry had to do anything illegal to obtain this list, like hack into the computer. Likewise, they probably didn't have to do anything other users couldn't do (although they probably made a program to scan P2P networks and catalog all files, while the typical user would have to search for people with specific files; I wouldn't call this illegal).

The big question mark is how exactly MediaSentry verified (to the best of its knowledge) that the info they obtained is true, and without knowing this we can't give a good estimate of the false-positive rate (which is likely the reason MediaSentry won't say what their methods are; they're probably lying when they say that they have developed proprietary and novel methods of investigation that should be considered trade secrets), although previous cases have shown this rate to be > 0. There are lots of ways an investigation could go wrong (or become difficult), even if they did see what appears to be a computer sharing copyrighted files.

Outdated Cache Information
It's possible that the directory server or another computer has an outdated list of files shared by a certain computer, in which case they may say that a computer is sharing files that it isn't. One example of how this could happen is that a computer was sharing some files on some network then disconnected from the internet, and another computer logged on and was given the same IP. Such outdated data could indicate that the second computer is sharing files, even though it's not (it might not even be on the P2P network at all), and in fact NOBODY at that IP has been sharing files for some time. This goes directly to the issue of not being able to positively identify a person from an IP address even if you get an IP address that that computer has as the moment the IP address is obtained (although this is highly dependent on the P2P program). This risk of false positives (and the next one or two) can more or less be eliminated by verifying that the files can actually be downloaded at the time the IP is seen "sharing" files.

It's possible that the user is a "leecher" - somebody who downloads without allowing their computer to upload anything by messing with their system configuration. This may be done either intentionally (it's not extremely rare for people to leech so they don't have to use upstream bandwidth when all they want is to get something from someone else; such people fall under the "jackass" category) or unintentionally (P2P programs can be a huge pain to set up to work properly when you're behind a home or other type of local network, and even some ISPs block P2P uploading - but not downloading). Obviously if they're a leecher, they haven't so much as made available anything, despite the computer indicating that it's sharing stuff (although intent becomes a big question if they're not intentionally leeching). While some P2P networks will ban leechers, it's possible that leechers can report false info to the server for the explicit purpose of evading leecher banning; consequently, leeching must specifically be ruled out by successfully downloading the "shared" files.

Clock Synchronization
The issue of stale data comes up again at the ISP and organization (if there's a large network such as a school that the violating computer is on); though more importantly, there's no guarantee that the clocks on the MS computer (here I'm assuming they've actually downloaded the files from the sharer) are synchronized with the clocks on the ISP/organization. If these clocks aren't well synchronized, there's always the possibility that the account information they get from the ISP/organization isn't for the account that had the IP at the time the files were shared. This would require explicitly testing clock synchronization between everyone involved; I'd imagine it would be troublesome to get an ISP/other organization to put that kind of effort into a response to a subpoena. Although this possibility can alternately be reduced by the ISP/organization checking that there are no logons near the time sharing supposedly occurred; if there is a very large area where no logons occurred, the probability of a false positive is probably negligible, even if the clocks aren't precisely calibrated.

Network Address Translation
Next, NATs provide a major problem for identifying the offending computer, because it's entirely possible that that there are multiple computers using the same IP at the same time. In theory (and subject to the problem in the next paragraph) the router can distinguish which computer has which connection at what time (NATs assign unique port numbers to each computer sharing an IP address), but the probability of this information still being around by the time a suit is filed is low, even under normal (non-destruction-of-evidence-type) use. Whether an IP is a NAT or a single computer can be halfway reliably determined by investigators like MS using public info (I recall you got hung up on that point in one of the early trials of yours). If the IP is a NAT, it's going to be significantly harder to prove which computer shared the files, and requires forensic examination of the hard drives or someone on the network confessing (or the RIAA's preferred method: file a suit against the account holder and expect them to give up the person responsible rather than face court or settlement costs). However, this problem is short-circuited if the RIAA gets lucky enough that the P2P application uses user names (some do, some don't), and the name of the sharer is known to be used by a certain person (although I suppose someone could maliciously use the name of somebody they don't like).

IP Spoofing/ARP Poisoning
As well, I'm told by people more knowledgeable than me (I came up with the idea, and then asked them to verify that it could be done in real-world networks) that depending on the configuration of a network it's possible to operate under the IP address of somebody close to you (perhaps somebody in your dorm). This would very likely require intent to deceive, but it might be attractive for someone who wants to download stuff without getting in trouble. I don't know if there are tools out there that make this easy enough for your average user to do, but it's definitely technologically possible, given the right network. In fact, I have a friend who is a very skilled network "hacker" (he publishes articles in security journals) who had written a program to disconnect file sharers from his school network because they were hogging bandwidth and making his connection slow (and he did so without being a network administrator, as far as I'm aware; however, that was a simpler case than sustaining two-way communication); network hacking is outside my field of expertise, but I'm betting this involved what I'm describing in this paragraph. it would depend on how secure the network configuration is, but I'd reason (keeping in mind that I know some about networks but they aren't my specialty - I'm just highly inquisitive, and know a moderate amount about many topics) that wireless networks are especially vulnerable to this. Ruling this out requires knowledge of the physical layout of the network the sharing computer is connected to, and the network administration policies (I would guess that this is usually not done due to annoyance for the network administrators, but perhaps some would). This seems like a viable defense, but I'd recommend talking to a network expert about this directly (my friend isn't online at the moment, so the confirmation of feasibility didn't come from him).

Making Available
Finally (at least I think this is the end), there's the nebulous issue of making available. Even if MS knows for sure that this person was on this computer with this IP address at the time, and MS successfully downloaded a valid copy of a copyrighted file, there isn't a guarantee that this file was actually distributed to other people. In P2P applications with very large networks, it's very possible that simply nobody other than MS ever asked for a copy of a file from a specific computer, so there was no actual distribution. In such cases, it becomes very difficult to even estimate the probability of someone else downloading the file (as I've explained that it's not enough simply to ask other computers if they downloaded the file from that computer - even if the P2P application has a way of asking that - as the computer may be lying or propagating incorrect data (it could be that the "sharing" computer is a leecher and only says it uploaded the file). Obviously this is only an issue if making available is not ruled to be equivalent to distribution.

Questions, comments? Anything (or everything) I didn't explain well enough for laymen, or anybody technically apt want to know exactly what I'm referring to in some cases (it might not always be clear exactly what I was referring to, as I didn't explain the technical details behind that list of risks)?

And oops, I did it again - sat down to write something that was supposed to be fairly concise, and ended up writing something that looks like a judge's ruling document. But at least it made me forget about my flu for a couple hours, so that's a good thing.

Justin Olbrantz (Quantam) said...

Ah, I knew I was forgetting some important things - obviously MS needs at least a PI license to collect evidence in applicable states despite not using any novel methods, for the obvious reason that it's also necessary to prove that what's presented at trial is what was actually gather - evidence retention and custody. Of course there's always the possibility that they fabricated the evidence entirely, but there's no good way to prove they did/didn't even with a license.

As well, the existence of an unsecured wireless network at a residence sued by the RIAA should be an almost automatic acquittal of the defendant by any informed judge, as it's trivially easy to access such networks (under normal configurations - only a comp-sci person with knowledge of networks would know how to effectively secure one of these) without ever entering the house, and there are many known cases of hijacking people's home wireless networks in the real world.

Anonymous said...

the delay has been and is prejudicial to the Defendant.

It most certain has. Fear and uncertainty, and the running up of Defendants legal bills, all while the RIAA continues to pursue a legally deficient, defective case. How much worse can it get?


Anonymous said...

Alter_Fritz is correct. Any privilege log regarding a hard drive absolutely must include "All Unallocated Sectors or 'Free Space' on the drive not contained in any current file(s) is privileged and not to be inspected. This also includes any 'Deleted' file names in subdirectory file lists."

Let the RIAA argue why they're allowed to see your temporary and/or deleted files. Heck, people buy drives off of dBay that are full of data in unallocated areas. There's a great chance that there's data there you never put there, and never knew about.

Call it a Practice Tip.


Anonymous said...

So much here to comment on:

Finally, Plaintiffs attached to their Complaint substantial evidence of Defendant’s infringement, namely, the user log reflecting the contents of Defendant’s KaZaA share folder, showing all of the sound recordings, including the Copyrighted Sound Recordings identified on Exhibit A to the Complaint, which Defendant was distributing to other Internet users when Plaintiffs’ investigators detected the infringements at issue. (Doc. No. 1 at Exh. B.) This exhibit provides significant information concerning the date and time on which Plaintiffs’ investigators discovered the infringements at issue, the manner by which Defendant infringed Plaintiffs’ copyrights, substantial information regarding the works that Defendant has infringed, including the artists, song titles, and sizes of the audio files, and the number and types of files in Defendant’s share folder. Specifically, Exhibit B shows that Defendant was using the KaZaA file sharing program under the username “zennscooby@KaZaA,” to distribute thousands of audio files to millions of other P2P users.

If you believe this pile of Plaintiff Poo, MediaSentry identified the actual "Individual" doing the filesharing, and this is proven by Exhibits A and B, which purport to list filenames retrieved from a computer MediaSentry has never seen, running software that MediaSentry can only guess was KaZaA – because it acted like KaZaA.

The Plaintiffs should be thrown out of court for this alone. They're either lying, or stupidly misinformed about what they know and don't know, and are passing those lies, or misinformation, along to the court.

Absent some allegation of when the Plaintiffs’ claim may have accrued, Defendant is left without the potential benefit of the affirmative defense of the statute of limitations.

Powerful language from the Defendant's attorney. Of course the RIAA doesn't want to specify the time they claim that the infringement occurred precisely because of the Statute of Limitations problem. That's why they use the outright lie of "Continuous and Ongoing" in their claims.

You can't prove "Continuous" unless you have monitored this Defendant for every second of every day of every year since this IP address -- an IP address, not a person -- was detected in alleged infringing activity.

And to claim "Ongoing", you have to show many more instances than just the first one, or a couple within a day or week of each other. They must be able to show that exactly this same "Individual" engaged in exactly this same act at many times over a broad swath of time.

Of course, they can't. But it seems that they can lie about it without consequence.

To plead a claim for abuse of process, the claimant must allege: “(1) a willful act in the use of judicial process; (2) for an ulterior purpose not proper in the regular conduct of the proceedings.”

How about commencing sham court cases solely for retrieving private personal information, WHICH YOU HAVE NO INTENTION OF USING IN THOSE CASES THAT YOU INSTIGATED TO RETRIEVE IT?. Would that constitute Abuse of Process?

Are the courts just outright stupid about all this? It sure seems that way.


Anonymous said...

Plaintiffs confess that MediaSentry investigated an Internet Protocol (IP) address that is physical located in Arizona. (See

Nice one. The RIAA/MediaSentry has long contended that because they don't know where the ISP account holders are located when they spot infringing activity, they can't be held liable for investigating in states where they're not licensed (which is all of them).

They also claim that because their offices aren't in the unlicensed state(s) and they just go over the Internet to act like any other KaZaA user, they don't need licenses in other states. Would that argument hold up if they investigated bank accounts in other states using the telephone and fax from their offices in California? I would think not!

Plaintiffs claim that the violations of the Hobbs act cannot be sustained because there was no effort to extort or rob Weed.

I almost died laughing from that one – which would have probably made the RIAA very happy.

If Plaintiffs’ argument had merit, Noerr-Pennington would act as a shield for all conceivable acts undertaken by a party to a lawsuit, including settlement obtained at the point of a gun.

Now there's in image that it takes an Arizona lawyer to properly put across to an Arizona court. It might work equally well in Texas.


Anonymous said...

For what it's worth, it looks like you have to have a license in AZ to practice debt collection. I'm sure it comes as no surprise that Settlement Support Centers, LLC does not appear to hold an AZ license for debt collection.

See AZ laws here and here.

Particularly juicy is here: 4. Except for attorneys licensed to practice law, not attempt to collect any collection fee, attorney's fee, court cost or expenses unless the fees, charges or expenses are justly due from and legally chargeable against the debtor, or have been judicially determined, nor shall any licensee engage in any unfair or misleading practices or resort to any oppressive, vindictive or illegal means or methods of collection.

and here: A. It is unlawful for a person to conduct a collection agency in this state without having first applied for and obtained a license under this chapter.