Researchers discover that “Practically any Internet user can be framed for copyright infringement today,” and that “Even without being explicitly framed, innocent users may still receive complaints.”
University of Washington researchers released a new study today that suggests that the current tactics being employed by the entertainment industry to target copyright infringement among BitTorrent users are flawed and prone to false accusations.
“Because current enforcement techniques are weak, it is possible that anyone, regardless of sharing content or using BitTorrent, could get a DMCA. takedown notice claiming they were committing copyright infringement,” said Mr. Piatek.
Tadayoshi Kohno, an assistant professor, Michael Piatek a graduate student, and Arvind Krishnamurthy, a research assistant professor, argue in “Challenges and Directions for Monitoring P2P FileSharing Networks” that the current method employed by copyright holders to identify illegal file-sharers can not conclusively determine if actual copyright infringement has taken place.
“We have conducted the first scientific, experimental study of monitoring and copyright enforcement on P2P networks and have made several discoveries which we find surprising,” they write.
The study is curious result of a previous measurement of BitTorrent conducted in August of 2007 in which they received more than 200 DMCA takedown notices without having actually downloaded or uploaded any data whatsoever. They then recently realized that this was worth revisiting to determine just how rampant or widespread the practice is.
Among their findings:
- Practically any Internet user can be framed for copyright infringement today.
By profiling copyright enforcement in the popular BitTorrent file sharing system, we were able to generate hundreds of real DMCA takedown notices for computers at the University of Washington that never downloaded nor shared any content whatsoever.
Further, we were able to remotely generate complaints for nonsense devices including several printers and a (non-NAT) wireless access point. Our results demonstrate several simple techniques that a malicious user could use to frame arbitrary network endpoints.
- Even without being explicitly framed, innocent users may still receive complaints.
Because of the inconclusive techniques used to identify infringing BitTorrent users, users may receive DMCA complaints even if they have not been explicitly framed by a malicious user and even if they have never used P2P software!
- Software packages designed to preserve the privacy of P2P users are not completely effective.
To avoid DMCA complaints today, many privacy conscious users employ IP blacklisting software designed to avoid communication with monitoring and enforcement agencies. We find that this software often fails to identify many likely monitoring agents, but we also discover that these agents exhibit characteristics that make distinguishing them straightforward.
The purpose of their study was to highlight the need for greater transparency among copyright holders and law enforcement when it comes to the methodology and techniques they use to identify illegal file-sharing.
In the study they “…intentionally try to receive DMCA takedown notices.” To do this they measured and analyzed tens of thousands of live BitTorrent swarms with and the DMCA complaints these measurements attracted.
As we all know, the way it works is that copyright holders monitor P2P and file-sharing collecting evidence of infringement, and then issuing Digital Millennium Copyright Act (DMCA) takedown notices to people it suspects of illegal file-sharing. These notices are formal requests to stop sharing the copyrighted material in question and are usually sent to a user’s ISP when then forwards it to the individual whose IP address stands accused in the notice.
The researchers asked themselves “how are infringing users identified?” There are two options – indirect or direct.
Indirect detection means simply looking a the list of connect IP addresses in the BitTorrent client and assuming illegal data transfer has actually taken place.
Direct detection involves connecting to one of the peers in a swarm and then actually exchanging data with that peer to confirm copyright infringement. This method is obviously not the preferred choice since it is much more labor and resource intensive.
Despite the “direct detection” method being the most conclusive and the standard approach for monitoring other file-sharing networks like Gnutella, the researchers conclude that the “indirect detection” method is being used to monitor BitTorrent.
They even went so far as to implicate three laserjet printers for illegally downloading copies of “Iron Man” by using the network device’s IP address as a proxy server in the BitTorrent client.
Moreover, it’s long been argued that the BitTorrent community is immune to the type of lawsuits targeting users of Direct Connect-style file-sharing programs since it does involve much more labor and resources. Also, since it concerns packets, or pieces of data, could one really be accused of illegally sharing 12% of a song? Would they then face 12% of the standard fines for copyright infringement?
I think what the study really shows is that copyright holders are merely trying to scare users away from using BitTorrent and aren’t doing any of the real investigative work currently employed to catch users of direct connect programs like KaZaA or Limewire which is much, much easier to ascertain.