Swedish Film Institute Learning That An IP Address Is Not A Person
from the lessons-learned dept
Earlier this month, an anti-piracy tracking company traced the origin of some Swedish films found on The Pirate Bay... all the way back to the Swedish Film Institute. After some embarrassment and further investigation, the Institute is now insisting that it can't find any evidence that someone there leaked the films... and they're complaining that the anti-piracy firm DoubleTrace "aren’t... forthcoming with their evidence." Shocking, I'm sure. But the larger point is that the Swedish Film Institute is pointing out that the IP address alone does not identify the user. This is, of course, entirely true. It's what tons of people have been pointing out for years, and what the film industry (and the recording industry) has often mocked as being a silly excuse. So I'm in agreement with TorrentFreak when it says:The important thing here is that when it comes to the allegations against SFI, and the refusal of the anti-piracy company to make their ‘evidence’ available, SFI should be given the benefit of the doubt.
But, unlike the hundreds of thousands of other ISP account holders around the world who receive letters claiming that they illegally uploaded a movie or song and therefore should pay compensation or, increasingly, be disconnected from the Internet, they are treated more respectfully, quite simply because of who they are.
An IP address is not a person, and unless anti-piracy companies want to let their ‘evidence’ be seen and tested in public, perhaps it’s better if they keep their allegations to themselves.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: copyright, evidence, file sharing, ip address, sweden
Companies: swedish film institute
Reader Comments
Subscribe: RSS
View by: Time | Thread
Satire or sarcasm?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
After all, since the guy (or gal, really) had a mask on, there will be no definitive way to identify who was driving. A lot of people share cars. Also, it is likely the thief stole the car, used it to rob the bank, and returned it before the owner noticed it missing.
Instead, based on this flimsy evidence, the police have actually been sent to people's houses. They have asked the owners questions, and some of them have reportedly gotten warrants to look for further "evidence."
We should not tolerate living in such a police state. This is what happens when you have a society with corporate personhood.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
A car passes by driven by someone whose face you don't see and catch a few bars of the music they are listening to.
We will skip over, for the moment the fact that said driver has committed the offence of an unwanted and probably unlicensed public performance because we have bigger fish to fry (Don't worry, we won't forget and they will get taken to court for the public performance part later).
There is every chance that the music being played was an unauthorized copy (it could be... and given all the piracy it probably is),
obviously taking the licence plate number and using it for further identification makes sense and what makes further sense is that unless the registered owner can prove that the music being played was not an infringing copy and identify the person responsible for the infringement then they should face legal threats and costs.
Now that's what I call an analogy.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re:
So what have we learned from this good analogy kids? You need further investigation before concluding the person was downloading the car! Obviously, if he/she uses the safety encryption and proper vpn it may become quite impossible.
[ link to this | view in chronology ]
Re: Re:
This works, if you work through an internet location.
[ link to this | view in chronology ]
Re:
Instead, what gets sent are threats and demands to pay up.
[ link to this | view in chronology ]
Re: Re:
Instead, what gets sent are threats and demands to pay up.
You're absolutely right, what they should do is skip that part and just move directly to litigation to actually do the follow-up investigation.
[ link to this | view in chronology ]
Re: Re: Re:
The record companies don't bother determining guilt or innocence which is why they've sued dead people, grandmothers without computers and technologically inept people with their shotgun approach to litigation.
The reason we like this story is that it highlights recommenmdations that we make which you conveniently left out of your flawed analogy:
1) An IP address does not equal an individual so further research is needed once you have that IP address much like the police do further investigation once they have a plate number AND DESCRIPTION OF THE VEHICLE (which you don't get from an IP address).
2) The method of capturing the IP address should be subject to verification much like the defense counsel would vet how the plate number was obtained. Did it come from a witness reciting it from memory? Did someone take a picture? Was there a video camera and the plate came from a sceen grab? All questions that can enhance or detract from the quality of the identification. With the record companies, the process of capturing an IP adderss has never been vetted or reviewed. While it could be incredibly accurate, it could also be incredibly flawed. Developers make mistakes and bugs exist in code. It happens and we all know it. The record companies refusing to allow review show an unwillingness to stand behind their methods. Now, whether that's due to intent to defraud or they just don't want to run the risk that their methods are shown to be flaed is another question that will never get proven.
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
Don't forget a laser printer. To be fair, that laser printer looked damn sneaky to me.
[ link to this | view in chronology ]
Re: Re: Re: Re:
By claiming more infringement, they can better lobby to have laws enacted that favor them and they will also be more likely to make money with the extortion letters.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
With your license plate analogy, the owner of the car has at all times been presumed innocent until proven guilty. Sure, let the police start their investigation with the owner, verify an alibi.
What you don't seem to understand is that the Sue-The-IP-Address-Account-Owner approach is just that. There is no further investigation. The method used to obtain the address has never been professionally vetted as to its accuracy. The person being sued is told that they are automatically guilty and must pay up to make the threat of going to court go away. Or they're disconnected from the internet simply because of accusations, with no further investigations to actually convict them in court.
Read the following sentence carefully. This is PUNISHMENT UPON ACCUSATION, not PUNISHMENT UPON CONVICTION.
[ link to this | view in chronology ]
Re:
Sorry officer, I can not tell you how I obtained that license plate number. If I did then it might jeopardize my future bank robber identifications.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
If the IP address comes back as a gateway or other "shared" access point (as in shared by the network admin, not someone running TOR), then it is much more difficult to determine who did the deed. There are ways, but they might require methods that would not pass legal muster in some areas.
However, to suggest an IP address is meaningless is pretty much bullshit.
[ link to this | view in chronology ]
Re:
In the same way that a car used in a robbery has the owner of the car questioned, an IP address can be used in the same way. However, ISPs (somewhat understandably, I might add) should be reluctant to use that as the sole piece of evidence before giving out privately-held information.
[ link to this | view in chronology ]
Re: Re:
Exactly. Sadly, this is not the case, because ISPs (and the courts) seem to want to block discovery of subscriber information as a basis. It would be like seeing a license plate at the scene of a crime, and not being able to run the plate because the car manufacture objects. It's insane.
If the IP address is a valid starting point, then ISPs should be required to turn over that information when a complaint is filed in the courts. That many of them seem intent on fighting this tooth and nail, and then dragging their feet on providing the information even after being ordered is painful.
[ link to this | view in chronology ]
Re: Re: Re:
If the IP address is a valid starting point, then ISPs should be required to turn over that information when a complaint is filed in the courts. That many of them seem intent on fighting this tooth and nail, and then dragging their feet on providing the information even after being ordered is painful."
ISPs (and the courts) are not wanting to block discovery of subscriber information just because. The reason they are having issues with discovery is because it is not being used in a legitimate way. What the various groups are doing is presenting an IP address and asking for the information on the owner of said address, for no reason beyond wanting to know where to send a letter to attempt to get them to settle the matter out of court. Their "proof" against said person is at that point stated as being their IP address.
So they are not necessarily against the discovery and releasing of said information (the ISPs and courts that is), but what they are against is the abuse of the courts in order to obtain information to then send what are essentially extortion letters to people who may or may not have committed any wrongdoing. Because as has been noted, repeatedly, an IP address does not equal a person. There have been tests conducted and studies shown that the data gathering methods (in regards to harvesting IP addresses) are flawed and prone to error, that IP addresses can be spoofed, change, etc. And that is the problem.
[ link to this | view in chronology ]
Re: Re: Re:
If the IP address is a valid starting point, then ISPs should be required to turn over that information when a complaint is filed in the courts.
So any complaint alleging that IP address xxx.xxx.xxx.xxx engaged in unlawful conduct at time yy:yy:yy should compel an internet service provider to divulge subscriber information.
If I want to unmask every anonymous coward writing on Techdirt, all I need is going to court and allege that the IP address at a specific time engaged in illegal conduct with no other corroborating evidence.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Copyright holders don't "allege", they actually show the activity as part of the complaint. Sorry if that fucks you world view. Your post my be tagged as insightful, but it is just a good indication of how truly stupid the sheeple are here.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
OK, so I've given the exact same amount of information that the typical big media companies give to ISPs. This is not proof...this is an allegation (by definition).
For all we know the "tracking" companies hired by big media could be randomly generating IP addresses, filenames, and dates and times, and then sending the letter to the ISP that came up in the WHOIS lookup.
[ link to this | view in chronology ]
Re: Re: Re:
Hand over your info please.
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
You can claim that the driver fled the scene of an accident (or that he flipped you off, or that you just really don't like him very much) and see what they tell you....
Report it to the proper AUTHORITIES and they will follow up on it (hint, the ISP is not the proper authority).
[ link to this | view in chronology ]
Re:
However, I think it is pretty clear that just looking up who leased the address at the time of the alledged infringement is not proof enough to start sending settlement letters.
At least if you want to be sure that the person who actually infringed is the one paying.
Of course, if all you care about is that someone pays, then it does not really matter who did it, as long as they can in any way be tied to the ip address that some secret unverified program spat out.
[ link to this | view in chronology ]
Re:
Many inexperienced novices such as yourself contend so, but of course everyone with sufficient expertise knows this is utter nonsense. I suggest that you undertake the remedial education that you so obviously require in order to raise your clue level to one that is at least minimally acceptable for participation in this conversation.
[ link to this | view in chronology ]
Re:
If using windows, administrator will show up as being logged on at all times. At least with the people I know who use windows.
[ link to this | view in chronology ]
Re:
Even more so if the party using the IP doesn't even have proof of any actual transfer of data occurring but just an IP number.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
No secrecy, no money
Evidence can't be secret.
If the network owner isn't notified of where, how and when the alleged infringement took place, there is no possibility of proving anything, except that no infringement took place.
And proving a negative is impossible.
[ link to this | view in chronology ]
[ link to this | view in chronology ]