RIAA Wants To Start Peeking Into Files You Store In The Cloud
from the of-course-they-do dept
The RIAA really just doesn't know when to give up attacking and to start innovating. Its latest legal move is to file for a subpoena to get information from cloud storage provider Box.net to see if some people are using the service to store and share unauthorized music. There are, of course, a variety of different services out there for cloud storage, that allow individuals, small groups and companies to share files -- not for illicit purposes, but because that's how collaboration and sharing work. I use just such a service to share photos with my family, and another to share documents with coworkers.But, of course, technologically speaking, the actions of these systems can just as easily be used to share unauthorized content in a potentially infringing manner, and it appears that this is what the RIAA is targeting. As Eriq Gardner notes at the link above, it's not at all clear what the RIAA intends to do with the information it gets. It's difficult to see how it could sue Box.net, who almost certainly has no real liability here, but it could go after the users -- something we'd thought the RIAA had sworn off for the time being.
The whole thing just seems like a waste of time. This is what computers do. They copy. There's always a way to copy. Pretending you can stop that isn't rational. What would be rational is helping the RIAA member labels adapt, but for whatever reason, that just doesn't appear to be within the RIAA's skillset.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: copyright, riaa, sharing, storage
Companies: box.net, riaa
Reader Comments
Subscribe: RSS
View by: Time | Thread
Who bears the cost?
Everyone else. That's who.
It is everyone else's job to support the RIAA's obsolete business model.
Consumer Electronics.
ISP's.
Hosting providers.
Search Engines.
And now any type of new service that has substantial noninfringing uses.
Of course, they don't care about noninfringing uses. They'll come here and whine about "enablers and facilitators". They don't care about anyone's rights or privacy either.
They don't care if it breaks the Internet. They'll just answer with "I just don't see it". Of course. There are none so blind as those who willfully cover their eyes. See no evil.
Of course, since I say this, I'll be accused of supporting piracy.
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
the NRA's skillset
That's all true, too. I guess we'll just have to give up on gun control and adapt.
[ link to this | view in thread ]
Re: Who bears the cost?
:-P
[ link to this | view in thread ]
Re:
Using that logic, why wouldn't the provider of the wires that transmitted the files be liable for contributory or vicarious infringement? After all, they were one of those enablers and facilitators. It was their wires that carried the unauthorized bits.
Also why shouldn't router providers, say Cisco, also be liable? Their routers processed and forwarded each and every single packet containing unauthorized bits.
[ link to this | view in thread ]
> There's always a way to copy.
> Pretending you can stop that isn't rational.
Trying to make strings of ones and zeros not copyable is like trying to make water not wet.
Since when did anyone accuse the RIAA of being rational?
[ link to this | view in thread ]
It seems like a reasonable possibility to me - lead guitar puts up a riff and the bass player adds the bass line and the drummer adds the percussion, etc..
If this is true - I wonder what these artists have to say about the RIAA taking this action concerning the cloud services.
[ link to this | view in thread ]
Re:
Easy peasy. Just make some numbers illegal.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: the NRA's skillset
[ link to this | view in thread ]
Re: Music collaboration
Check out soundcloud.com
It's not exactly what you've described, but bears some real similarity.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
I would assume that they are shielded via the DMCA Safe Harbor provisions. They would have to react to take down notices like any other service provider.
I am not exactly sure how these cloud services work, but I would assume that most all exchanges are private and I am not sure how a rights holder would even know about an infringement without violating privacy.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
> someone to distribute copyrighted material
> I'd think it at least goes to trial.
That's like saying the phone company is liable for the illicit/illegal actions of anyone using a telephone to conspire to commit a crime because they're making money off the phone accounts.
[ link to this | view in thread ]
Re:
I mean, it's not illegal to just store your personal collection on the service, so I fail to see the purpose of their request.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
Tools are not good or bad. It's all in the intent of the user. Cloud services are just tools. So are the RIAA members.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
Did you forget the /sarc tag?
[ link to this | view in thread ]
Whatever.
[ link to this | view in thread ]
Re: the NRA's skillset
If the RIAA was trying to prevent people to buy, own, and use computers at their discretion for purposes they determine... your analogy would hold. As is, you're as far off as is possible.
[ link to this | view in thread ]
Jagadeeswari Yalla
[ link to this | view in thread ]
Re: Re: the NRA's skillset
[ link to this | view in thread ]
Re: whoops - That is why "cloud" computing will never take off
[ link to this | view in thread ]
Re: Re:
As for all the other analogies in the replies, the key here is control. Once you sell something to someone else, you lost control, and therefore liability for its use does not flow back.
[ link to this | view in thread ]
How can they tell?
[ link to this | view in thread ]
Makes sense.
Yeah... right.
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Question
I have plenty of stuff from a LONG time ago that I ripped myself from CD's I've owned. I had those way before I ever had purchased any music online. Would they call those files unauthorized?
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re:
Contributory Liability must have
(1) Knowledge of a third party's infringing activity; AND
(2) induce, cause or materially contribute to the infringing conduct
Vicarious Liability must have
(1) the right and ability to supervise the infringing conduct; AND
(2) a direct financial interest in the infringing activity
As I stated above, you can avoid Vicarious Liability if you show that there's no way you can police the activity (Google thumbnails), but that would likely be a question of fact and get past any 12b(6) motions(motion to dismiss for no claim).
[ link to this | view in thread ]
Um - how about encryption?
(And it is so nice being Canadian - we don't have that kind of stupid law!)
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Re:
(1) Knowledge of a third party's infringing activity; AND
- how does Box.net know something is infringing?
(2) induce, cause or materially contribute to the infringing conduct
- no different than Google, they are the host not the gatekeeper.
Vicarious Liability must have
(1) the right and ability to supervise the infringing conduct; AND
- 'supervise' implies they review submissions prior to posting. I'm assuming people upload stuff directly to their own 'vault', hence no supervision ability exists. Simply because it *can* be used illegally isn't enough.
(2) a direct financial interest in the infringing activity
- This probably points more toward the bittorrent stuff. Limewire, Napster etc where they were found to be actively telling people to do illegal things with their software. I don't know that Box.net is doing this, do you?
[ link to this | view in thread ]
Re: Re: Who bears the cost?
[ link to this | view in thread ]
Re: Question
[ link to this | view in thread ]
Re: How can they tell?
[ link to this | view in thread ]
Re: Re: Re:
If you don't have a problem with an illegal search based on absolutely zero evidence then you may be living in the wrong country or you might change your mind if some nefarious person pointed their crooked finger and said "I think he's a criminal!" and you become the target of the witch hunt yourself.
I'm personally convinced that Salem NEVER burned an actual witch, even once. However, many people died because of the accusations of those who had no idea what the hell they were talking about but had the power to bring about the death of an innocent person.
I don't believe the RIAA is actually going to cause someone's death with their actions but perhaps ruining someone's life while they are still alive is an even worse fate.
[ link to this | view in thread ]
Re: the NRA's skillset
Totally the same thing. And they say tyranny is the death of nuance.
[ link to this | view in thread ]
Re: Re: Re:
Suggesting that every site that might possibly host user-submitted content must install a filter or whatnot is both a non-starter as well as an unnecessary business expense when DMCA Safe Harbors apply.
[ link to this | view in thread ]
Re: Re: whoops - That is why "cloud" computing will never take off
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re: Re:
This means there could be 2 possible forms of distribution, either downloading the content by another user or the streaming of the content to someone who isn't the owner of that space on the cloud.
As far as your straw men, nowhere did I say I agree with the blind issuance of a subpoena(I haven't read it so I don't know what details they have). If they have evidence that people are using it for illegal purposes, then it's probably part of discovery once it gets into court, although I really think that initial hurdle will be tough to overcome.
My issue(and please re-read so you can make sure I'm not changing my story) was that Box.net was not liable for infringement, if it actually is occurring. I think that's something ripe to be in a case law book in about 5 years(2 for the DC opinion, 2 for further appeals, 1 for editing and printing into the book).
[ link to this | view in thread ]
Re: Re: Re: Re:
Vicarious is where I think there's a shot, maybe about 20-30% depending on the judge and the jury. Certainly not cut and dry though. I think you're misreading supervise, the few cases I read make supervise sound somewhere between "control" and "effect." I don't think it would hinge on the interpretation of that. To me it's more of the ability to supervise, which I'm not sure they have except for extreme cases where people are using their servers to distribute music. The second part isn't intent driven. It's whether they make money from that activity(to be extremely blunt).
[ link to this | view in thread ]
what is legal
Their link to Legal Music sites is down. Apparently they can't think of any...
http://www.riaa.com/toolsforparents.php?content_selector=legal_music_sites
[ link to this | view in thread ]
neither do you, apparently.
[ link to this | view in thread ]
Re: Um - how about encryption?
Once they do that, they can give all our info to RIAA and it will be gibberish. Of course, if I name a file something like stairwaytoheaven.mp3, encryption won't hide much (though some us us will have fun naming soft porn files like that just beggin' them to peek.)
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: Re:
ISPs can "see" the same information passing through their network too, and they can ban a user from their service. However if an ISP or Box.net decided to randomly or systematically police their networks:
1) It's an invasion of privacy.
2) There's no master database to match the raw information up against. There's no way to tell what is infringing and what isn't outside of a court ruling. There are fair use provisions and potential contracts that the end user has that the ISP has no knowledge of.
3) When it comes to people transferring encrypted information, it's technically impossible to use that raw data in any meaningful manner without the key.
ISPs and Box.net have about as much control as the electric company. If someone was using the electricity in their house to perform electrocutions on victims, should the electric company be liable? How the hell would they know the difference between a human frying or a heavy appliance being turned on?
Once you sell something to someone else, you lost control, and therefore liability for its use does not flow back.
Right, unless they had knowledge that someone was doing something illegal and didn't stop it. If a purchaser tells a gun dealer he wants to buy a gun to commit mass murder and the gun dealer doesn't notify the police, he may be found liable if he goes through with it. The same thing goes for a user on the internet telling their ISP that they're about to break copyright law, which is an exchange that probably never happens, but if it did the ISP may be liable.
[ link to this | view in thread ]
Re: Re: Question
[ link to this | view in thread ]
Encrypt, dammit!
SSH et.al. work nicely for transport, including setting up VPNs with strong encryption and compression.
All these technologies (and related ones) should be in use all the time, as a defense against the inferior people in the RIAA, the equally inferior people in the MPAA, and the even more inferior people in governments who are traitors to their own laws.
Encrypt. And do not surrender the keys.
[ link to this | view in thread ]
Re: Re: Re: Re:
(2) I said this somewhere else, but I'll reiterate for convenience, it's not a question of whether the actual song was downloaded illegally. It's the use of the Box.net system to distribute music illegally that will get it into trouble. I agree, the actual music on the servers would be impossible to police, but who actually accesses it and how ofter are things that would be less outrageous.
(3) OK. Does Box.net not log where the account was accessed from? Is this impossible?
As for the last statement, I'm not really sure the generalization is correct(although the gun example probably is in most states due to legislation).
[ link to this | view in thread ]
Re: How can they tell?
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: the NRA's skillset
@Gregory "This is what guns can do. They can kill people. There's always a way to use a gun to kill people."
Let's look at these two assertions together.
Guns can kill people. We don't want people killed so we attempt to regulate who can own a gun, what kind of gun and ammunition they can own, and how much of it they can buy. To the extent that gun control works, that is how it works.
Computers copy things. Using the logic behind gun control we should not be wasting our time trying to regulate what people can /do/ with their computers but rather who can have a computer at all, how much bandwidth they can use, and how large a hard drive they can buy. Which would actually work quite nicely if we can use the last 30 years as a guide.
The debate on gun control is an active debate in the USA because there is widespread disagreement about whether the benefits of having guns outweigh the dangers of having them. There is no such discussion about the benefits of having computers spread widely through society.
Unless we're trying to say that we shouldn't have computers any more, we need to understand what having computers everywhere means, and one of the things it means is copying, everywhere and all the time.
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
We'll get the Department of Pre-Crime right on that.
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
Do you think Boxnet is monitoring every upload? That's an insane and ultimately impossible waste of their time. I'd bet real money even that wouldn't be good enough for some of these collection societies anyway, seems to be how they roll, expecting others to do their work for them and just magically know what's authorized and what isn't.
The uploader is the culprit. I'm sure Boxnet, if notified properly, would and does cooperate with notices of perceived infringement so they can avoid any appearance of liablity. Allowing the RIAA or whoever to just go poking around in what users think are private files is outlandish.
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
(1) the right and ability to supervise the infringing conduct; AND
(2) a direct financial interest in the infringing activity
Considering they don't supervise, nor do they have a direct financial interest in the infringing activity, this fails easily.
I can't believe anyone would seriously think it even has a shot.
[ link to this | view in thread ]
Re: Re: Re: Re:
They don't make money from hosting this server space? (direct financial interest)
Mike, those are essentially the legal questions put into layman's terms. This is what made Napster illegal, the fact that they could control what songs went through their centralized server made them able to supervise the conduct.
Since they oversee(albeit somewhat indirectly) uploading and downloading on their server space, I can't see how you could actually think that there is not any type of legal question involved here. I don't think they have a great, or even good, case but it doesn't mean there is no case.
[ link to this | view in thread ]
Watch the fun!!!
Could I store my photographs on Box but name them Thor.avi and Dark_Knight.MP4 Would men in dark suit and sunglasses visit me?
Sounds like misdirection could be a fun game to play with the RIAA.
[ link to this | view in thread ]
Re: Re: Re:
Like, oh...you.
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
Willful blindness defenses don't do well in court.
Can strip clubs say they're in the clear because that can't see what's going on when people go into a private room?
[ link to this | view in thread ]
Re: Re: Re: Re:
Everyone else in the world is expected to police themselves, yet supposedly the internet shouldn't have to?
Ridiculous. And an impossible scenario to sustain.
[ link to this | view in thread ]
The real issue is this statement in the original report:
Am I the only one here who is amazed that this subpoena could actually be allowed? Its like a subpoena to get enough evidence and information that they then have enough probable evidence to initiate a lawsuit, and get discovery abilities ie: a subpoena.
In other words..
"Sorry your honour, all we have is hearsay, some spectral evidence, the prescience of our rune caster/astrologer, plus we heard it on the internet so it must be true. So please, pretty please we need to court order to really dig deep and get some real probable evidence (or at least what we call evidence) so that we can then get another justice to give us a real judicial discovery order"
WOW! No wonder Natural Justice nor Procedural Fairness does not arise in US proceedings anymore
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
And now, because a small portion of your economy doesn't like it, you want to change it? Just egt the fuck out, go live in Death Valley and die in a sunfire, please, kthxbai.
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re:
1) Let's ban power plants, as they supply infringing electrons!
2) Let's ban water suppliers because people might drown!
3) Let's ban fans because they might copy your work!
4) Let's ban the Internet because we don't know how it works and it might be used for criminal activity!
5) Let's ban all crime because it might make more criminals!
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Let them have it
[ link to this | view in thread ]
Re:
You'll need to use a better analogy :)
[ link to this | view in thread ]
Real Ignorant Assholes of America!
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re:
Now, do I think it will go to court, yes. For some reason the RIAA is too dumb to realize that more ways to access your music is a good thing. Do I think they win if it goes all the way to the court of appeals, if they have all the facts they need it might be 40% chance.
As for the private files, this is from the box.net user agreement:
Box.net shall have the right, but not the obligation, to reject, refuse to post, or otherwise monitor all content displayed by users, and may remove or require users to remove all content that Box.net, in its sole discretion, deems to be (a) inconsistent with Box.net’s strategic mission and vision (including but not limited to content that contains undesirable images of or links or references to tobacco and alcohol products, profanity, pornography, violence or prejudicial content) and/or these Terms of Use; or (b) possibly in violation of applicable law.
Seriously, they've contractually provided that they can police your info for porn and infringing content and take it down if they don't like. The whole terms of service
[ link to this | view in thread ]
Re: Re: the NRA's skillset
They already think Copyright Infringement is the exact same thing as stealing.
[ link to this | view in thread ]
Re:
Get with the times man!
:-)
[ link to this | view in thread ]
Re:
MPAA vs eyeglass industry.
[ link to this | view in thread ]
Re:
> this subpoena could actually be allowed?
Am I the only one here who is amazed that
an RIAA droid could become a federal judge?
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
Um. No. Hosting is not supervising. Don't be ridiculous. What court has ever found that?
They don't make money from hosting this server space? (direct financial interest)
Wrong again. They do make money from hosting, but that's HOSTING. Not infringement. They make the same money whether the file is infringing or not. That fails the standard, and you know it.
If merely hosting was enough to qualify you for direct financial interest, then there is no DMCA safe harbor. It simply doesn't exist. And that's clearly ridiculous.
Mike, those are essentially the legal questions put into layman's terms.
No, those are essentially you being misleading about the standards and the technology in question.
[ link to this | view in thread ]
Re: Question
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
How can you demonstrate the second without knowledge of the first?
(3) OK. Does Box.net not log where the account was accessed from? Is this impossible?
Sure, that's possible, but it still tells you nothing about what is in the encrypted file. (Whether many people are using encryption on services like this I don't know)
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
Less every day.
[ link to this | view in thread ]
Re: Fighting pirates is in the Constitution!
Sorry...
[ link to this | view in thread ]
Re: Re: Fighting pirates is in the Constitution!
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
So, you're fine with the removal of the 4th amendment and 1984 policies being introduced as long as a contract specifies it (which would presumably in place for every ISP to avoid liability, and so unavoidable)? Classy.
"(2) I said this somewhere else, but I'll reiterate for convenience, it's not a question of whether the actual song was downloaded illegally. It's the use of the Box.net system to distribute music illegally that will get it into trouble."
Wow, I see some effing dumb comments on here but this takes the biscuit....
How in God's name can a service operate under your system? They cannot possibly know whether or not a song is infringing, especially when you take into account fair use, and the fact that a copyright holder could utilise the service to distribute files themselves- so, even copyrighted files are not necessarily infringing. Yet, you seem to maintain that they should be liable for infringement, even though you admit that they have no way of telling if the file is infringing? That's just ridiculous.
If your system was introduced, nothing would be legal on the internet, since everything (including comments here) could be potentially infringing and every site would need to shut down to avoid legal action.
"(3) OK. Does Box.net not log where the account was accessed from? Is this impossible?"
They can identify an IP address, not an individual, and this can be easily spoofed. Also, why should they help law enforcement if they're going to be held liable anyway in your opinion?
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
Untrue. Printing presses are not expected to check the copyright of the books they print. Libraries are not expected to check the copyright status of their stock. Phone companies are not expected to monitor calls to see if copyrighted material is being transmitted. Photo developers were never expected to check the copyright status of every photo they printed. Software companies are are not expected to check if the files their software is burning to CD or sharing on a network are copyrighted.
Why should the internet - which is nothing more or less than a communications medium - be treated differently? especially since - as is often pointed out - the copyright holders themselves often get it wrong, and it's impossible to tell the copyright status of some content accurately.
[ link to this | view in thread ]
Re: How can they tell?
[ link to this | view in thread ]
Re: what is legal
Of course not. Since they don't seem to have a clue themselves and licensing changes constantly without users being informed...
[ link to this | view in thread ]
Re: Re: Question
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re:
1) I'm not sure where the 4th amendment applies here. Since when did the constitution apply to private parties? Since when does a novel actually apply to the law? Lets just look at what they're actually doing here instead of throwing up ridiculous straw men and slippery slope arguments.
2) My comment is more toward the extreme end of the infringement, not really small scale(which is next to impossible, as I've said before). If you're actually using the cloud service for what it is supposed to be(and I'll apologize, I was projecting Amazon's service onto this) having a high number of downloads of single files from a single user would be suspiciously like distribution of materials. I'm not saying that this is illegal(given the right terms it is not), but I don't think that it would stop a court from going through discovery.
3. I never said they should. I'm not their corporate counsel, and do not know every single specific about their system, but if I had to advise I'd give them 2 options. The first is allow the RIAA to look for zero liability on any prior infringement, and offer to remove anything that's blatantly infringing. It covers your ass, but you lose a ton of PR. The second is fight it, have a pretty good case(although it's not as cut and dry as Mike makes it out to be, which was my original problem with his post, he over exaggerated a relatively big issue) and make a statement, as well as get some good PR, but spend a bunch of money.
[ link to this | view in thread ]
Re: Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re:
1) It doesn't matter if they make the same money from infringing or non-infringing material. Please read Fonovisa v. Cherry Auction, in the first paragraph they give you the facts and the Vicarious Infringement section sets out the analysis clearly. In this instance, Cherry Auction ran swap meats, and leased to booth vendors for a daily fee, the booth, parking and advertising. The fee was static whether or not you sold infringing material(which is the exact same scenario as your trying to claim). They were found to be vicariously liable for the sale of the infringing products. This is directly on point to the issue you raised.
2) So if it's as simple as classifying something as hosting, why does anyone have to do anything? Why is there the DMCA? I mean if youtube just said it was hosting others material, why would it be liable, they only have all the software, interface and server space necessary so it can be done, but they don't actually do anything. Vicarious liability is really spawned out of agency principals(see suing an employer because the employee was in a car accident on company time), and I think this is a murky question, it's not as cut and dry as you have implied (box.net "almost certainly" has no liability). I'm just saying not to be surprised to see this make it to a court of appeals where they ultimately rule for box.net(my opinion).
[ link to this | view in thread ]
No. Ancient Common Law probably applies here.
> applies here. Since when did the
> constitution apply to private parties?
Contrary to popular opinion, a land lord can't just violate our privacy and rummage through your things. There's more to this situation than just an oversimplified (and self serving) reading of the US Constitution. A lot of this stuff goes way back, a lot farther than any copyright law does.
The storage locker analogy is a very apt one.
[ link to this | view in thread ]
Re: No. Ancient Common Law probably applies here.
[ link to this | view in thread ]
Why RIAA stil exists on this world?
[ link to this | view in thread ]