US Copyright Group Lawsuits Based On Highly Questionable Evidence
from the here-we-go-again dept
US Copyright Group was the first US operation to really dive into the whole copyright trolling business of suing thousands of people based on weak evidence of infringement and then offering to "settle" for less than it would cost to go to court. It was known that US Copyright Group was a front for DC-based law firm Dunlap, Grubb and Weaver, and a few months later it came out that US Copyright Group was actually a combined effort between Dunlap, Grubb and Weaver and a German "anti-piracy" tracking company named GuardaLey, who had set up similar partnerships elsewhere.However, as TorrentFreak reveals, in a lawsuit filed against US Copyright Group over its legal strategy (more than 100,000 sued!), it appears that GuardaLey was the real driving force behind US Copyright Group... and its technology for identifying "pirates" has been found wanting (at best). A German court in a similar case found GuardaLey's tracking software to not be very good at actually identifying infringement, since it fails to determine if any work is actually shared. Now, though the RIAA may be pushing for the idea that "making available" equals distribution, some courts have already disagreed. If it can't show actual uploads or downloads, USCG may have a tough time proving infringement.
Even more troubling are claims that GuardaLey set up honeypots to try to get IP addresses to sue. If there's a honeypot, then, as long as the content is accurate, the download is authorized since the companies doing such copyright trolling usually have licenses over the content. Or, if the file is fake, then there's no infringement, since the actual file wasn't downloaded (let alone available).
Of course, we see this kind of thing all the time, with copyright supporters insisting that all you need is an IP address to identify someone. It's a lot more complicated than that, and making that assumption while going after 100,000 people suggests that any nuances around IP addresses are completely ignored.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: evidence, ip addresses
Companies: guardaley, us copyright group
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
Or it could also be real, and there's still problems with that.
[ link to this | view in chronology ]
Re: Re:
Anyway, the idea is: GuardaLey makes torrent, gets IP addresses by seeing what IP addresses downloads from GuardaLey.
[ link to this | view in chronology ]
Re: Re: Re:
Ummmm�no.
One of the big points is that IP addresses listed in the swarm do not necessarily have anything to do with anything.
The University of Washintton study �Tracking the Trackers� finds:
GuardaLey accuses IP addresses. But GuardaLey does not verify that those accused IP addresses actually connect or run BitTorrent.
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
However ownership/use of a computer is not a prereq to getting an extortion letter.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
I doubt that.
Addresses are so easy to get confused ... it would be a simple "error" to send letters to the wrong address, keeping the ill gotten gains.
[ link to this | view in chronology ]
Re:
They are widely used in criminal investigations for such things as unauthorised computer access (hacking/cracking/phreaking), indecent images (childporn etc), fraud, embezzlement, and anything else that can lure a criminal into a 'controlled' environment that there actions can be tracked and used as evidence in any matters that might lead to a charge/conviction.
The problem in criminal investigations is that they are basically a controlled and legal form of entrapment in certain situations where the governmental authority gets granted immunity. It is still a VERY VERY gray area that is a legal quagmire.
On the civil litagation side of things it is even more of a gray area, in fact it goes into the area of the actual owner of the honeypot actually committing a form of entrapment. Though since entrapment is a defence to a criminal prosecution, and the IP owner of the honeypot is not actually law enforcement entrapment itself cannot actually be used. Though this doesn't mean that the legal elements of entrapment like fraud, misleading conduct, or undue persuasion/influence have not been breached. As I said 'a form' of entrapment
IP owners using honeypots, whether as single torrents, torrent indexers, mp3 folders on servers, whatever, are by definition specifically authorising and/or licensing the usage of their IP to the user of the honeypot therefore destroying the infringement claim that they try to bring. Since someone can not only infringe something that is authorised
This could lead to cross claims of fraud, privacy violations, deception, extortion, hacking, conspiracy (RICO???), enticement, just to name a few. In the case of children (under 18) being led to the honeypot an interesting situation could occur in that the IP owner could be liable under the attractive nuisance doctrine if damage/injury occurs to the child, and that injury could be the emotional or financial damage of fighting the infringement claim.
Even worse, as far as can be seen there are no actual precedents for the use of honeypots in the USA or common law countries courts, nor even non common law countries for that matter (this info was as at Nov 2010 though I have never heard of anything since either). This further makes it a highly contentious and legal minefield for any IP owner to even try to justify their usage.
Most legal advice suggests when considering honeypots that are dealing about a highly contentious, political, and social area, as in this situation. DONT!
[ link to this | view in chronology ]
Re: Re:
http://copyrightenforcementgroup.com/p2p.php
The judge in one of his cases has ordered the Plaintiff Attorney to produce some interesting documents.
http://fightcopyrighttrolls.com/2011/08/25/troll-ira-siegel-was-ordered-to-disclose-ho w-much-money-he-extorted-from-does/
Thanks to Jane Doe!
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
http://dictionary.reference.com/browse/gray
http://dictionary.reference.com/browse/gre y
...it looks like grey is considered an alternate spelling for gray.
[ link to this | view in chronology ]
Re: Re: Re:
We are playing the word association game aren't we?
If not you might be interested to know that Gray is a colour, 50% black actually, though not my favourite it is still in an honourable position. Though I realise some will kick it to the kerb I take no offence at this, and think it is just a pretence.
BTW, the above is spelt correctly for real English speaking countries ;)
[ link to this | view in chronology ]
Re: whats a honeypot
So, you download a file that may be fake (in which case its not infringement, or its real in which case they authorised it. They obviously know IP address is not very accurate - which is why they ask for some identifier.
at a guess.
[ link to this | view in chronology ]
Re: Re: whats a honeypot
[ link to this | view in chronology ]
Re:
Bait. Imagine a box of commercial DVDs left sitting on the sidewalk outside a store after closing. There's nobody around, so you grab a couple. The second you do, the lights come on, cops appear and you get arrested.
In BitTorrent, it would be putting up files (either real or fake) for the express purpose of allowing people to download them, so that those people can then be sued.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
No matter the circumstances, you don't have a right to take something that is not yours. It isn't abandoned property.
I suspect in this case Torrent Mike and Techfreak left out the simple "bounce" test, which is once an IP downloads a segment, you turn around and request it back (you know, P2P works in two directions). If that piece comes back to you, then that IP address made it available.
[ link to this | view in chronology ]
Re: Re: Re:
Several of the smaller firms use off the shelf clients that upload and download so that make sure a copy stays out there so they can collect more IP addresses.
But thanks for playing.
[ link to this | view in chronology ]
Re: Re: Re: Re:
thanks for trying to play, now try again.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
To make the magic thinking box do the bounce test, you need a piece of code that tells the magic thinking box to do it. The companies who gather ip addresses do not like to pay any more than they have to, so they do not buy programs that do it. programs are what code is turned into.
Many of the lawyers who are doing these kinds of cases, use the same client programs as other people, with no changes made to them. This means that they are helping the infringement to be more wide spread so they can extort money from more people.
Ip spoofing is like using fake caller id information, and makes the people looking think the call came from somewhere else.
Your not fun to play with, you can't keep up.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
This helps to try and form the public association of P2P and Crime.
People believe that "pirates" are "stealing" billions of dollars a year, because of the claims of the industry and various AC agents keeping that idea alive.
The problem is these billions of dollars are not appearing anywhere else, because they do not exist.
Commercial Copyright infringers can't compete with the free sharing and in most cases do not bother.
There is little if any money generated in regular people file sharing, and that money would be generated by advertising allowing the site to stay in business, not allow the criminal masterminds to retire to a warm island with no extradition treaty.
But they will be making comparisons of apples to oranges to elicit a response they want by leading people by the nose.
[ link to this | view in chronology ]
Re: Re: Re:
They've done that with other things too, like bicycles. Basically, the idea is just to take something of value and leave it out in the open, go hide, and then wait for someone to come along and take it. Then, BAM, jump out and make a "bust". The interesting thing is that they seem to never target wealthy areas. I think it'd be funny for them to do one of those cop show stings by leaving bundles of $100 bills laying around a country club. I wonder how many wall street bankers they could snag.
[ link to this | view in chronology ]
Re:
The purpose is to wait for a system that is infected with Windows to attempt to infect the honeypot computer. Then I can record the techniques used to infect the honeypot, and collect actual samples of the malware.
Another example honeypot would be one to trap spam robots. Some spammers use robots that crawl the web (just as Google and Yahoo crawl the web to build their search index). Spammers do this to gather email addresses that they find on web pages. A honeypot in this context would generate fake pages with fake email addresses. Each page would have links to other honeypot pages. Since the honeypot generates these fake pages on the fly, it is a website with an unlimited number of fake pages and fake email addresses. This pollutes the spammer's database with fake email addresses, and wastes the spammers time trying to connect to the email servers of these fake email addresses -- and those email servers may be programmed to respond v e r r r r r r y s l o o o o o w l y in accepting the connection and incoming email from the spammer. No human would ever have received these fake email addresses nor would be attempting to send email to these fake email addresses.
[ link to this | view in chronology ]
I'm surprised no one has used this on the PROTECT IP and COICA sponsors.
[ link to this | view in chronology ]
Re:
By �sponsors� you're referring to the individual senators?
You do understand that there does not exist a one-to-one correspondence between IP addresses and individuals.
Further, what makes you think that these senators even use computers? It may be hard for you younger kids to wrap your minds around this, but most senators belong to a generation, and a mindset, that relegated computers and typing to secretaries. It wasn't an executive-level skill. It was something women did �and not even all women� certainly not women senators who wanted to distinguish themselves from the typing pool!
(Engineers and computer scientists don't count in that mindset either. Perhaps engineers and computer scientists aren't women, but they certainly aren't senators.)
[ link to this | view in chronology ]
Re: Re:
I am willing to bet that despite the claims by the copyright trolls that they can't tell where they are, that addresses that resolve to .gov never get placed into any filings.
I know they have targeted .mil addresses, so they know who not to bother.
What would be wonderful is if Google sued USCG preemptively.
USCG named a Google owned IP address in one of their filings, Google has enough money to make USCG look silly in court and a slam dunk case to raise real questions about these extortion attempts.
[ link to this | view in chronology ]
Nah, just ask Gabriel.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Because we know that innocent people will pay the small amount to avoid a long expensive battle. (See the blind man case.)
If they are still using the exact same technology, and no infringement occurred, they extorted these people.
They had nothing to back their claims in court that could prove infringement.
They lied to a court, they used the power of that court to extort money.
This could also be the reason at least 1 or 2 of the German tracking firms have opened US branch offices.
To show that the connections happened within the US, to bolster the shaky IP identifications.
I mean the people behind the Expendables just dropped the entire 24K Doe case once they figured out only a few people were in the DC courts jurisdiction and they would be blocked from getting anyone outside of that courts jurisdiction.
This has never been about protecting copyright, this has been about creating another revenue stream.
You can not tell me USCG was totally unaware of GuardaLey being called on the carpet in court, they are stupid but that aren't that stupid are they?
This is a case of hoping the technobabble combined with the battlecry of Intellectual Property is our most important thing in the United States would get them rubber stamped.
Even as ACS:Law blew up they added more clients, as the lawyers from whatchamajiger Lyons got reprimanded they continued with this extortion campaign.
I wonder how many other operations are going to be trying to go faster or fold given that a court is now currently aware that this technology has been proved to be flawed, and in some cases there was no real infringement.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
When the case that generated this information was filed, most people didn't pay much attention to it.
They thought it was just someone fighting a windmill.
It really has been off the radar for a long time.
I remember it being filed and hoping they would see some success, I never expected that there would be something as amazing as a court ruling that the gathering firm was not legit.
The use of honeypots has always bothered me, some of them seem to be the real files seeded by "someone".
Then a wild lawsuit appears, it uses terrify... its very successful.
Oh and to live up to the AC portion of my name...
there not their :)
[ link to this | view in chronology ]
Re: Re: Re:
Can you imagine Denny Crane against these trolls, he'd just shoot em *lol*
Barratry is an interesting old-world crime & tort that can sometimes be referred pejoratively as 'ambulance chasing'
It is basically the practice of a plaintiff constantly bringing repeated legal actions solely to harass that will over time lead to financial windfall for the plaintiff because it wears down the fortitude of the respondent(s). It's more to do with the professional conduct (or not) of the legal representation.
Wikipedia [note: I loathe quoting Wikipedia] has a very basic usage of the California Penal Code in regards to barratry [ http://en.wikipedia.org/wiki/Barratry#United_States ] where it is a misdemeanor (yep criminal) though it is a felony in Texas.
Maintenance though (which is also referred to as the medieval doctrine of Champertry) is the wrongful action of an uninterested third party encouraging a lawsuit on the presumption that any damages collected are shared with that third party (Righthaven anyone???). Maintenance is not the same as Contingency Fees between clients and their lawyers though.
Maintenance & barratry should never occur anymore due to legal ethics and Rules of Professional Conduct as set forth by bar associations in each jurisdiction, though sadly it looks like it is coming back into vogue by unscrupulous and unethical parties.
Honeypot's don't bother me that much any more as long as they are used for the correct and specific purpose and are available for scrutiny by all parties. Though they should only be used as an investigative aid, not as a be all and end all, and NEVER for civil situations where there is no immunity.
[ link to this | view in chronology ]
Re: Re: Re: Re:
I watched both, but people seem to understand better when I use Matlock as my example of my legal knowledge. I moreso know whats right and whats wrong.
My real curiosity right now is it looks like GuardaLey sought out DGW.
I wonder if they rolled up with a set of IP addresses, and then contacted the clients they represent.
The German law used to let people collect on behalf of people who had no idea the lawsuit was going on.
The award would be split between the IP tracker, the lawyer and a small amount then sent onto the infringed party.
Might explain why Uwe Bolle bothered....
I have mentioned in the past to people that there were real serious questions about unclean hands in these cases, and I think someone might have proof of that aligning.
[ link to this | view in chronology ]
Re: Re: Re:
wear it with pride ;)
Oh and for all those grammar pundits... some rules
[ link to this | view in chronology ]
Re: Re: Re: Re:
I find the spelling/grammar judgements only get turned up to 11 when they can't find even an irrational way to combat what is being said.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
By chance did you ever hear what the outcome in the Evan Stone beat down was? Last I heard he had to turn over the IPs, letters, settlement records and the Judge was evaluating the possibility of sanctions... and then nothing... and then Stone popped back up working for Funamation suing people for IP Man and IP Man 2.
[ link to this | view in chronology ]
Re: Re:
If you learn anything, please share.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
all
[ link to this | view in chronology ]
all
[ link to this | view in chronology ]
Now there's a great tagline. I look forward to seeing it in a violator on US Copyright Group's website soon.
[ link to this | view in chronology ]
Something fishy there. "Guardaley" means more or less "Custody of the law", "Guardianship of the law", but that's in Spanish���i.e. nothing most Germans would understand. So what is such a company registered in England but with a telephone based in south-west Germany (+�49 7...) and yet not owning a registered German domain exactly up to? One searches in vain after a real name, either on their site or on WHOIS...
[ link to this | view in chronology ]
Re:
They are registered in England most likely because they might have had dealings with Davenport Lyons or ACS:Law or another clone there.
It is quite possible they have no online presence to avoid people trying to hack them, or are buried deep inside another company as another division.
They name could be a rebrand for one of the other IP hunting firms, most of them seem to be based out of Germany (which I do believe was the original source of this type of lawsuit).
[ link to this | view in chronology ]
Re:
""An independent expert's report is in place for Guardaley, but your monitoring will be done through a different legal entity," wrote Terence. "This will mean that we will need to get a new one created. There will be no problems, as the technology used will be exactly the same as Guardaley's." And later: "We are in correspondence with an expert and the report can be finalised fairly quickly, well in advance of the first court order."
So, while Tom Dunlap suggests that "Guardaley" doesn't work for ACS Law, some other company with a new name and the same tech is. This gives Guardaley a hand in the two major "settlement letter" factories in the US and UK."
http://arstechnica.com/tech-policy/news/2010/09/amounts-to-blackmail-inside-a-p2p-settlement -letter-factory.ars/4
They cycle names, but always the same tech.
They use GuardaLey.com and .net
I notice their former sales manager in CA has removed her linked in profile, she ran a group that was the source of many of the first USCG cases.
[ link to this | view in chronology ]
Perhaps that could be one other judgement against such companies, in a court of law; that use of honeypots to garner IP addresses is clearly wrong, if you are a representative of the rights holders, and are using such to sue people.
[ link to this | view in chronology ]
Re:
There is also the chance that the honeypot being operated was nothing so complex as a fake file, but the actual file you want to sue over.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
She has been refusing to listen to all of the people who claim they are innocent in this because the ONLY time they could is when they are named in the case. Of course that time never comes, because USCG will never name anyone because then the evidence could be reviewed and decimated.
She also ruled that Does have no right to quash motions seeking records about them as they are not a party to the case.
How is it well over 120 days after the Hurt Locker case began is anyone still on the hook in this? None of them have been named and served and this is a violation of the rules.
Oh and lets not forget one of the letters was returned to the court, the recipient was deceased.
How much more does Beryl Howell have to do before anyone refers her to the "ethics" people for Judges?
She has facilitated the shakedown of thousands of people based on evidence that has never been shown to have merit.
She has stuck her thumb on the scales of justice, and is weighing the rights of a copyright troll firm above the rule of law.
It will be nice to see USCG implode and hopefully make sure that some of the blast hits Beryl Howell as well.
[ link to this | view in chronology ]
Extortion
[ link to this | view in chronology ]
Re: Extortion
They have presented "evidence" to support their position that these IP addresses hold to key to finding the infringer.
The Judge assumes no lawyer would be stupid enough to mislead the court.
The Judge approves the order, because these have to be issued quickly else the records be gone and they will lead them to the infringer.
They get the name of the person assigned the IP address during the alleged infringement.
They then send a letter to the account holder offering to settle what would be a long protracted case costing them much more than getting legal representation.
They make statements in these letters and point to other "wins" to increase the pressure.
They sometimes call the account holder to get them to say something that can be considered an admission of guilt.
If you mention your stupid roommate they still imply your responsible (this has yet to have its day in court).
They collect money and dismiss some Does, and then cycle the list trying to scare more people.
They at somepoint if forced, dismiss all of the other Does - with prejudice so they can try again in the future, as they still have the records.
If the original "evidence" was validated by an outside expert, if Judges understood an IP address is not like a fingerprint, there would be a much more difficult time for these cases.
This entire shakedown scheme started in Germany, then moved out to the UK, and now it has hit our shores. The sad thing is everywhere it has been the lawyers running it have ended up facing charges infront of a disciplinary board. Obviously anything a board can do to these lawyers is not enough that they would do the exact same thing as has been done before.
[ link to this | view in chronology ]
Why IP address alone is not a reliable identifier
1) DHCP-Dynamic addressing, Most ISPs use DHCP to assign IP addresses to users on an as-needed basis. When a user logs on he is assigned an IP address from a pool of IP addresses the ISP maintains. When he logs off that address goes back into the pool, and the next time that user logs on he may get an entirely different IP address, and someone else may get the IP address the first user previously had used. Most Internet users get their IP addresses by DHCP, as ISPs usually charge extra for a fixed IP address.
2) IP addresses can be spoofed-that is the person doing the spoofing can make his IP address to appear as someone else's.
The only reliable unique identifier that can be tied to a particular piece of equipment is the MAC address of the router, Ethernet card or other device that interfaces to the Internet. That number (more like a serial number) is unique to each and every device that connects to a network, but to the best of my knowledge is not recorded, and would probably be difficult to tie to a particular user from ISP or other records.
[ link to this | view in chronology ]
Re: Why IP address alone is not a reliable identifier
The problem is that MAC address is usually for the modem, but does not get to the MAC addresses of the router or the connected computers.
And you can spoof a MAC address, its often built into routers to deal with some ISPs trying to keep you from using the modem with a router. The router clones the MAC address of the machine registered to access the modem.
Oh and there are several programs that let you change MAC addresses.
[ link to this | view in chronology ]
Its Lawyers Like this That Make So Many Not Trust Anytihng Anywhere Anytime AnyPlace
[ link to this | view in chronology ]