Challenging BPI's Claims That IP Addresses Alone Are Accepted By Courts As Proof Of Infringement
from the lies-the-recording-industry-tells dept
BPI, the equivalent of the RIAA in the UK, is apparently insisting that the evidence it uses to accuse file sharers of infringement is “of an extremely high standard.” Of course, the “evidence” is an IP address, which anyone with a basic understanding of technology knows is, by itself, not indicative of much. You could combine that with other evidence to have a bit more useful info, but IP addresses are hardly the sort of “extremely high standard” of evidence you would think they are from the BPI’s claims. So, the folks at the Open Rights Group are asking BPI to back up their claims that the evidence is of such a high standard and that UK courts have accepted this evidence, asking a simple yes or no question:
Has any UK court ever treated an IP address as being sufficient by itself to identify a defendant as a copyright infringer in a contested copyright infringement claim decided after a trial of an action?
This is because — in typical recording industry misleading fashion — BPI uses weasel words in its claims, saying
It is the same quality of evidence that was provided in more than one hundred cases to the High Court in litigation against end users and which was accepted by the court in each case. Most of these cases resulted in settlements, and all of those on which judgment was given found in the BPI’s favour
Hmm, citing settlements is useless because a “settlement” is not a ruling on the merits, and therefore does not prove that an IP address is quality evidence. And while judgments are made on the merits, saying that such evidence was used in successful cases is not the same thing as saying an IP address, in and of itself, is sufficient to prove infringement. Apparently, ORG asked BPI to clarify this well over a month ago, and still has not received an answer. Shocking.
Filed Under: evidence, ip addresses, uk
Companies: bpi
Comments on “Challenging BPI's Claims That IP Addresses Alone Are Accepted By Courts As Proof Of Infringement”
And they are never going to answer that question because the BPI guy’s are weasels and dumb. were caught lying and trying to apply the distortion reality field and failed.
There are people who never learn.
One lady is saying some outrageous things in public.
http://www.zeropaid.com/news/91251/eu-digital-agenda-vp-need-to-sideline-content-gatekeepers/
Kiwis want their mobiles clean.
http://www.zeropaid.com/news/91257/music-industry-slams-kiwis-mobile-phone-three-strikes-exemption/
Seems unfair ...
… to argue concepts such as truth with those who are not experts in that field …
they can never proove it as they know they are lying.
So, according to Techdirt what is "acceptable evidence"?
OK, let’s assume that IP address is not enough. What kind of another evidence can be presented? Since this is civil suit, BPI (or whoever else) can’t search people’s home and seize computers. All can be seen from outside is “IP address X distributing file Y via protocol Z”.
I’m all for due process, but let’s not make ridiculous and technically incorrect claims.
Re: So, according to Techdirt what is "acceptable evidence"?
technically incorrect claims… what?? are you serious? Listen to me. I PROMISE you, from over 20 years in the business and thousands upon thousands of individual workstation audits that the majority of magnet links are going to someones workstation who downloaded a screensaver and wont call support bc they’re afraid they’re going to get canned. That’s no exaggeration either. One company, who shall remain undamed was found to host over 4 TB of “warez” files which were liked to from a Chinese site that was a… well, let’s just say. IP is not enough, there needs to be some sort of intermediate process or informal investigation.
Actually just 3 days ago, my own mother called me over to look at her system, it had 2 Trojans installed. I can’t think of a fair system that would destroy the lives of it’s most vulnerable people, so one industry can scare people, who already buy into buying over and over again to compensate for diminished revenue due to those that won’t ever buy… I don’t know what kind of money you have laying around to defend yourself but 100k is more than most have in the bank. This practice is entirely based on that reality, and if you don’t know that, well…
Re: Re: So, according to Techdirt what is "acceptable evidence"?
You’re in the wrong pharse.
They have to pass the identity to the court to file the case, only after the case has been filed those users have the need to proof themselves innocent.
In such an early pharse it’s unfair for them to require them to pick out user list that’s possible trojan victims.
Re: Re: Re: So, according to Techdirt what is "acceptable evidence"?
What the hell?!?! Since when do you have to prove yourself innocent?
Re: Re: Re: So, according to Techdirt what is "acceptable evidence"?
The entire point is that the defendants who are accused of the infringement don’t have to prove their innocence. The companies bringing the lawsuits have to prove their case. An IP address as evidence is not accompanied by webcam footage with a date and timestamp of the person (with whom the IP address has been associated by their ISP) committing the act alleged act of infringement. Researchers have already shown that you can get DMCA takedown notices sent to networked printers that aren’t file-sharing at all (http://dmca.cs.washington.edu/dmca_hotsec08.pdf).
There may be circumstantial evidence that increases the likeliness that the defendant did commit the infringement(such as using your own username/email address on a peer-to-peer network like Kazaa), but even then, it’s easier to argue that the person is responsible because it was their connection and their computer, because you can’t use that as evidence to prove that the defendant did actually commit the infringement. A neighbor’s kid might have come over and downloaded music. They might have wi-fi, which may be open because they don’t know how or want to implement security settings, or their wireless network may be hacked (since it is relatively easy to do so).
The problem is that the approach of these lawsuits is to assume guilt, send settlement letters, and reap in the payments, without having sufficient evidence (that and the entire system of copyright is an abuse itself). And the companies’ lawyers don’t usually need greater evidence. If you send a threatening letter from a law firm to random people and claim you’ve detected copyright infringement, many are going to settle, whether or not they did it. It’s the telemarketing or email spam method. Shoot enough bullets and you’re going to hit something. Not many people have the time or money to fight lawsuits.
Re: Re: Re:2 So, according to Techdirt what is "acceptable evidence"?
Isn’t that pretty much how a protection racket operates?
Re: Re: So, according to Techdirt what is "acceptable evidence"?
I have no idea what you tried to say here.
Re: So, according to Techdirt what is "acceptable evidence"?
IP address plus IP allocation log from ISP (requested with warrant from court of course).
IP address alone doesn’t mean much unless the user is using a static IP plan (in such case you’ll also need confirmation from ISP as a proof of such plan that IP address won’t change)
Re: Re: So, according to Techdirt what is "acceptable evidence"?
I omitted reference to ISP allocation log for sake of simplicity in discussion.
Such log can be assumed as present, otherwise where do you think defendant name came from?
Re: So, according to Techdirt what is "acceptable evidence"?
What kind of another evidence can be presented?
IP address merely indicates the subscriber. Seizing computers would be pointless as people can simply swap drives, get new computers etc.
However, further evidence could include information gained from any direct communication with that subscriber. Most of the speculative invoice letters doing the rounds are specifically written not only to create a chilling effect, but also to encourage the subscriber to give up further information that could possibly be used against them at some point down the line.
It is an unfortunate fact that upon receiving these letters, many people either panic or get cocky, and ring or write to the law firms giving up all sorts of information about their home and family situation, their online activities, their knowledge of file sharing, of computers, networks etc etc.
It’s that communication that will get picked to pieces for ‘further evidence’.
This is similar to the parking tickets issued from private car parking companies (a civil ‘contract’ issue). The invoice gets sent to the registered keeper of the car, but they have no evidence as to who was actually driving it, so can’t really pursue it much further than constant streams of threatening letters. However, if the car owner writes back and admits they were driving (and many do, typically while writing a ‘back off, I’m not paying’ letter), then the parking firm have concrete evidence to take to court.
IP Address alone does not prove that an individual committed any infringement; and that’s also assuming that there were no mistakes made in collecting the IP Address in the first place.
I also find it troubling that any ‘evidence’ collected solely by an ‘interested party’ (i.e. the rights holders or their agents), with no independent overview whatsoever, could ever be considered valid evidence at all.
Re: Re: So, according to Techdirt what is "acceptable evidence"?
I also find it troubling that any ‘evidence’ collected solely by an ‘interested party’ (i.e. the rights holders or their agents), with no independent overview whatsoever, could ever be considered valid evidence at all.
It wouldn’t get past the ACPO guidelines in the UK
Principle 3: An audit trail or other record of all processes applied to computer based electronic evidence should be created and preserved. An independent third party should be able to examine those processes and achieve the same result.
(see my link in comment below below for full detail.
Re: So, according to Techdirt what is "acceptable evidence"?
OK, let’s assume that IP address is not enough. What kind of another evidence can be presented?
Your fundamental flawed assumption is that it somehow has to be possible to get adequate evidence.
The point is that it isn’t – and no amount of wishful thinking will change that.
Live with it.
Re: Re: So, according to Techdirt what is "acceptable evidence"?
>> Your fundamental flawed assumption is that it somehow has to be possible
You’re funny man. So, no crime committed over internet can be prosecuted? Just because you think that IP address is not an evidence? Are you for real?
Every technological or political change begin with wishful thinking.
Re: Re: Re: So, according to Techdirt what is "acceptable evidence"?
And your approach is that of King Herod.
We can’t find the real “culprit” so we just kill everyone who vaguely fits the description.
Re: Re: Re: So, according to Techdirt what is "acceptable evidence"?
You’re funny man. So, no crime committed over internet can be prosecuted? Just because you think that IP address is not an evidence? Are you for real?
Of course some crimes committed over the internet can be prosecuted, and yes and IP address can be a useful “lead” for investigators. However the lead hs to be followed up, and the methods required for that to produce real evidence are rigorous.
See for example the UK police guidelines on the subject.
I am very much for real – it is you that is in fantasy land.
Every technological or political change begin with wishful thinking.
Not that kind of wishful thinking.
Re: Re: Re: So, according to Techdirt what is "acceptable evidence"?
I love trolls.. no that’s not what he said. It is very very difficult though. I have actually been involved in an investigation of fraud using a computer. It took weeks of forensic examinations of every system involved to get to the point where they could prove a crime had been committed then months of further investigation to prepare it for trial. Even then I’m pretty sure a competent lawyer could have got a not guilty verdict if the person in question hadn’t copped a plea in the end.
And bear in mind that was where the forensic examiners had full access to every system involved on a private corporate network where at least a basic level of security is mandated and were dealing with a primary system that held financial data and so logging and auditing was far above the industry norm for general systems.
Just how rigorous a proof do you think you would get out of a home network in a similar case? Of course that pre-supposes an actual burden of proof as in a criminal trial. For copyright infringement and especialy file sharing the current standard seems to be “Well, I (the person with a financial stake in a guilty verdict) say they are guilty, so they must be!”.
With this level of “proof” on the plaintiff side I consider that acceptable defenses should include:
-The “Liar! Liar! Pants on fire!” defense
-The “A big boy did it and ran away!” defense
-The “A dog ate my homework.” defense
and of course
-The “Mysterious dude” defense (that’s the one that starts “This dude, I’d never seen him before, came and….”
Re: Re: Re: So, according to Techdirt what is "acceptable evidence"?
sure if there is a crime…
and when it actually is a crime, there are rules for whats admissible in court and not only how that evidence is introduced but who is allowed to look for that evidence in many cases.
Re: So, according to Techdirt what is "acceptable evidence"?
If the claim that needs to be proven by evidence is that “Person X performed (illegal) action Y on computer Z” then clearly an IP address won’t be: it’s laughably inadequate. To establish this claim requires showing that computer Z was at that IP at the particular time that action Y is alleged to have occurred; showing that action Y did in fact occur, and at that time; and showing that person X performed action Y.
There are at least 100 million fully-compromised systems out there; probably more like 200 million by now, if we conservatively extrapolate growth rates, consider the size of contemporary botnets, factor in the steadily-declining effectiveness of anti-malware software, and, well, just look at our own log files, which unfortunately only a tiny fraction of system/network administrators ever do.
Nothing that any of those systems do can be attributed to their former owners, because there’s no way to externally distinguish between “an action taken by the new owners” and “an action that the new owners permit the former owners to take”. If the former owners can still browse the web or read email or whatever, that’s only because the new owners have allowed them to do so: it’s not the former owners system any more.
This is common knowledge among everyone who’s been paying attention to security for most of the past decade: at this point, it’s like announcing that the ocean is wet. Clearly BPI et.al. are willfully choosing to omit this — it’s quite impossible that any entity with the technical resources they possess is unaware of it.
A forensic-grade examination of computer Z — a competent forensic-grade examination — may, under some circumstances, be enough to establish that it isn’t (at the time of the examination) owned by someone else. (Of course that doesn’t mean it wasn’t earlier: systems alternate between those two states all the time.) But even that, combined with (let’s say) evidence that Z was used to do Y while on the IP address in question and at the time in question doesn’t come close to proving that X did it unless there is additional supporting evidence showing that X was the only one with physical and logical access.
The bottom line is that evidentiary standards from decades ago, when there were no bots and no DHCP and no laptops and seven orders of magnitude fewer systems and so on simply don’t apply any more. Unfortunately BPI et.al., who are clearly aware of this, have no reason to educate judges or juries about it, and to date, defense lawyers haven’t (AFAIK) mounted an appropriate educational effort either. And so the farce continues.
Re: So, according to Techdirt what is "acceptable evidence"?
unless it’s video of the person sitting in front of the pc downloading.. they are SOL. even then I don’t know.. I’ve seen some brilliant special effects in movies.
As far as I’m concerned, that is the cost of doing business.
don’t like it? get out
Re: So, according to Techdirt what is "acceptable evidence"?
“””What kind of another evidence can be presented?”””
A full confession extracted by none other than the Spanish Inquisition!
(Our two weapons are fear and surprise…and ruthless efficiency…)
an analogy
In the BPI’s eyes then: If a person steals a car, and runs somebody over and kills them, the car owner is guilty of vehicular homicide – yeah makes perfect sense.
/facepalm
Re: an analogy
Actually, you’re correct. If someone steal your car, runs over somebody (with deadly result) – it’s up to you to prove that your car was stolen. And yes, this makes perfect sense.
Same, btw, with guns. If somebody got killed with your gun – you’re first suspect.
Welcome to reality.
Re: Re: an analogy
The meat is in your pudding. ‘First suspect’ does not imply guilt. There’s normal legal procedure, criminal investigation, trial etc.
The BPI on the other hand would rather simply convict based on an assumption that 1 IP = 1 person, equally 1 car does not equal 1 driver.
Clear enough Mr troll?
Re: Re: Re: an analogy
>> ‘First suspect’ does not imply guilt.
You never been there, don’t you? Unless _you_ (not police) shows that your car/gun had been stolen, you’re guilty.
You’re living in a dream world of some kind of “ultimate justice”. Real world is nothing of this kind.
Re: Re: Re:2 an analogy
“Unless _you_ (not police) shows that your car/gun had been stolen, you’re guilty.”
From which country are you citing the law?
In many civilized societies there is presumption of innocence, at least it says so in their laws.
Re: Re: Re:3 an analogy
They’re from the future where people no longer get to have rights.
Computers!
Re: Re: Re: an analogy
If someone steal your car, runs over somebody (with deadly result) – it’s up to you to prove that your car was stolen.
Can’t be – because of the following scenario:
Thief hijacks your car and has a crash in which you (in the passenger seat) and a 3rd party are killed. The hijacker moves you body into the driver’s seat and then runs off.
Would it be right for the police to simply assume it was all your doing and let the case rest?
(After all you aren’t around to take responsibility for proving your innocence)
Re: Re: Re:2 an analogy
And then the dead guy will receive a threat letter claiming he illegally downloaded copyright material on the day after the car wreck.
Re: Re: an analogy
If someone steal your car, runs over somebody (with deadly result) – it’s up to you to prove that your car was stolen.
Wrong -it’s still up to the prosecution to prove that you were driving.
If you can prove that your car was stolen then this WILL help to get the police of your back – but it isn’t necessary in order to be acquitted.
Re: Re: Re: an analogy
Not a lawyer, but…
Richard—
I’m familiar with it more in the tort context (which would actually be a closer analogy to use of IP addresses in infringement, anyway) but Ifroen is talking about a real legal issue. Many states only make the owner of a car vicariously liable for a drivers torts if the driver was family, but that’s not universal. New York has a permissive use statute, which means that the owner of a car can be held vicariously liable for the unintentional torts of any driver who had permission. And the key point is that the defendant has the burden to DISprove permission. The plaintiff wouldn’t have the initial burden of proving permission. I’ll have to leave it to Ifroen to confirm whether this also applies criminally, but the IP/car analogy seems to hold up civilly…
abc gum—
Again, I can’t speak to the criminal issue at the moment, but in civil cases it’s about American law. (Or, perhaps more accurately, about the law of some American states, since they vary.) And even if it does apply criminally, it wouldn’t mean the presumption of innocence was being ignored.
That presumption doesn’t mean that the prosecution bears the burden for every single point raised. They bear a heavy initial burden, but if the defendant raises a defense, the defendant can have the initial burden of demonstrating that defense. (I say “often” again because these burdens can also vary by state.) Generally, the prosecution would have to disprove each element of the defense beyond a reasonable doubt, but even at common law a defendant had to prove insanity by a preponderance. And in New York, there are two categories—1) defenses, which the prosecution must disprove beyond a reasonable doubt, or 2) affirmative defenses, which defendant must prove by a preponderance of the evidence.
Long story short—I can’t speak towards the car example in a criminal context, but in the tort context some states do require you to disprove ownership. And even criminally, the presumption of innocence does not mean that the prosecution must disprove defenses 100% of the time.
Re: Re: Re:2 an analogy
The thread is discussing the attitude of the BPI. This is a UK operation so it is UK law that applies to this thread. As such your comments about particular US state laws are not really relevant.
Certainly in the UK specific authorisation is necessary to create liability for copyright infringement.
Consequently no-one in the UK has ever been successfully prosecuted for copyright infringement on the basis of an IP address alone.
Re: Re: Re:3 an analogy
That’s a strangely narrow viewpoint of what’s relevant, Richard.
One user made the analogy between IP addresses and automobiles in an effort to demonstrate how ridiculous BPI’s stance is. Not just whether it is legally valid, but that it is patently ridiculous: if BPI’s reasoning applied elsewhere, look at how unconscionable the result would be.
Demonstrating that the analogous, intended-as-ridiculous result actually has occurred pushes back against his suggestion that the law couldn’t possibly stomach BPI’s logic. And even if he hadn’t made the analogy first, it’d still be reasonable for me to offer it, as it can contribute to a broader point about how presumptions of liability sometimes shift the normal burdens of proof.
I didn’t weigh in on whether BPI’s argument ought to be win out, normatively, nor whether BPI’s argument actually does hold up under the particular UK laws involved. But other posters were discussing whether BPI’s legal logic was inherently flawed and legally laughable, so I weighed in on that point. It seems pretty clear that that argument is relevant to the original post.
Re: Re: Re:4 an analogy
Demonstrating that the analogous, intended-as-ridiculous result actually has occurred pushes back against his suggestion that the law couldn’t possibly stomach BPI’s logic.
We all know the law can be an ass at times – so the fact that you can find examples of stupid laws doesn’t necessarily affect general principles.
The law (if you trawl through the stupidities of particular US states) can stomach an amazing variety of foolishness (almost including at one time that the value of PI whould be 4) so I’m still not sure how your examples really advance the argument.
Re: Re: Re:2 an analogy
“driver who had permission.”
You are the first to add that to this really bad analogy.
1) equate civil to criminal
2) guilty till proven innocent
3) responsible for the actions of others
4) rinse, repeat
5) profit !
Re: Re: an analogy
ok, you are either a brilliant troll or a blathering idiot.
in criminal cases as you are pointing out, the burden of proof is on the prosecution, not the defendant. plain and simple. if someone steals your car and kills someone with it, the way it works is THEY have to prove you were driving not YOU have to prove you werent.
I comment because I can!
DHCP, the four little letters that completely destroys their “proof”, causing it to all fall apart. Combined with the ability to change ones MAC address, which anyone can easily do, it becomes difficult to see how the typical tracking methods most ISP’s employ could ever stand up to proper scrutiny (emphasis on proper). Then there is also the privacy and data retention element to contend with which we’ve seen once again recently.
For example, my IP address used to change all the time. It wasn’t until several years ago, when piracy began making the headlines a lot more often, that IP address turn over was dialed so far back that it bordered on being static. Even so, simply changing one single letter/number of my MAC address is enough to force my ISP’s automated DHCP server to hand out a new IP address. I can always tell when it gives me the address of someone who has been using file sharing too because I will get hammered with tons of unsolicited incoming connection attempts, at which point I change it again.
I’ve often wondered over the years what will happen when the current generation, those wielding most of the power, inevitably retire and are replaced by younger, more technically knowledgeable folks? You know, the ones who aren’t phased at all by technology. Slowly, with each passing day, it is becoming more and more noticeable that those who were too scared and/or inept to set the clock on their VCR are beginning to vacate their positions of power. I truly believe the current mindset on things, such as file sharing, is going to be radically different a decade from now. No matter how many minor victories they achieve, the cards are ultimately stacked against the entertainment industry and they will lose the war.
Despite fourteen years of internet use, I have never gotten a single warning. I’m sure some ISP’s have better methods of tracking their users, but we haven’t really seen them. Well, at least I haven’t insofar as all the court cases to date are concerned. Even if things do go horribly awry some day, I’m not too worried because I know there are plenty of alternatives. Getting ones hands on free entertainment is just too easy where technology is concerned, and it gets a little bit easier every year. Don’t get me wrong, I feel artists should be paid for their work and am happy to do so provided the circumstances are fair. When the entertainment industry finally decides to offer comparable service, convenience, quality, and pricing as I currently get from file sharing, and can do it without the constant attempts at controlling when/where/how I use their product, I will be the first to sign up. A reasonable monthly rate that allows one to access anything and everything ever created since the dawn of time, all on demand; who wouldn’t want to sign up for that? Even though file sharing is a powerful tool, I don’t it will ever be able to fulfill what I have in mind, at least not the way the industry could. Imagine turning the internet into the biggest central library of culture ever conceived. It would be as significant as the Library of Alexandria was. Too bad the industry is so blinded by greed and cannot see the bigger picture.
Just to make it clear for those who don't habla IP addresses
Preaching to the choir mostly I suspect but someone may find it useful. I’d suggest that anyone who knows anything about networks skip this.. oh and anyone not interested in reality can skip it too
An IP address as seen from the internet is (almost) never 1 person. In fact it can potentially represent thousands of people.
NAT (Network Address Translation) is a process whereby the address of a computer on a local (private) network is translated on to a “real world” IP address.
NAT overload is where one “real world” address is used to represent many “private” addresses, that are kept straight by the box that joins the 2 (the router). This process is not trackable to the source from the “outside world”.
NAT overload is the default usage for interenet connections in (almost) every home internet connection and most companies.
In order to track a specific usage (session) of a “real world IP” to the PC using it requires the NAT log from the router doing the translation so that the MAC (hardware) address of the device can be matched to the specific connection session to the real world.
Most domestic internet routers do not log this. Most company routers don’t keep the logs for very long.
Assuming you get to the specific device that made the connection, the only way to tie it to a person is a username logged in the system log.
Many home users share both computers and usernames. By default most computers do not log user logons and logoffs. Many companies do not log user logons either.
Many home wireless networks are completely open for any user passing the house to use (see Google wireless data capture furore – this is what it was about). Where they are secured, it is mostly trivial to break wireless security – the basic “out of the box” level called WEP takes 5 seconds or less to break with freely available software. Such a “rogue” user will appear identical to the outside world as a legitimate user of that connection.
Many companies allow the usage of their network by visitors. Events for example often give free access to press (and trust me press laptops are fairly likely to be virus ridden and used, shall we say “dubiously”)
For simplicity we will ignore all the myriad ways in which the various identifiers (internal IP, external IP, MAC, username) can be faked and require serious forensic examination to track down or even detect the fakery.
On my own home network my “real world” IP address can represent approx 15 devices and 6 users that *I* know about (i.e. not including uninvited guests). On a corporate network the legitimate users of a single “real world” IP can number in the thousands.
Basically, an IP address is “proof” of NOTHING. In any case where the IP address is the “evidence” you are at BEST talking about secondary liability and even that is tough to actually prove if you are using a rigorous process.
Re: Just to make it clear for those who don't habla IP addresses
One point you missed.
On many cable systems it is possible to attached a “hacked” box and create a phantom user that does not officially exist. The IP address of such a user will inevitably be mapped onto that of some legitimate user. equally inevitably the users of hacked boxes will be heavily into piracy – since they are already breaking the law – and believe themselves (justifiably) to be pretty much untraceable.
According to one computer crime consultant (employed to catch such people) there are parts of the UK where such hackers are unprosecutable because most of the jury will be using hacked boxes themselves!
Re: Re: Just to make it clear for those who don't habla IP addresses
Just the one? 🙂 I missed loads of points. That’s why I put in the caveat
I was more interested in demonstrating that even where no “naughtyness” has taken place with any of the equipment involved it is all but impossible to satisfy any reasonable burden of proof to tie an “infringing” IP session (and don’t get me started on that!) to a specific individual. As you say even fairly trivial “hacks” will muddy the waters even further.
Re: Re: Re: Just to make it clear for those who don't habla IP addresses
Not to mention straightforward bugs in the numerous pieces of s/w involved.
???
You’re kidding me, right? Only the most very dim and technology challenged would consider an IP address to be evidence. Really!
Re: ???
Well… them and Sherlock Holmes surely? I’m sure Mr. Holmes could extrapolate not only the perpetrator, but their height, weight, hair colour, dietary requirements, accomplices, music preference (of course), sexual inclinations and the fact that their great grandmother once had a kitten called “pinky” that she was mean to based on the evidence of a single IP address.
I hear the BPI hired him last week.
Oh,wait.. hang on a minute..?
Re: Re: ???
For all of that I think he would need the ashes from his pipe as well.
I thought dynamic IP address assignment was random and reshuffled every 12 hours or so. So how does a ISP even know who is who? Is there a list kept of assigned random IP addresses by the ISP? As a network engineer who worked on backbone installation and repair I was told that there was no way of knowing unless the assignment software kept a record of IP addresses that were linked to the customer ID and then stored in a database. This makes me doubt the validity of using any IP as evidence unless it is static or fixed. If you watch your IP address on your computer for a few days it will change several times. I find it hard to believe that any company keeps accurate records of which IP went where. This could become an enormous database.
Re: Re:
Not random exactly except the first time (or first time in a long time). Unless ISPs deliberately make it so of course. DHCP will by default “prefer” to re-grant the same address lease to the same device (MAC address) and the longer lease-time mentioned makes that a bit more likely as the protocol also includes checking and renewing the lease if 50% of the lease time has expired. If the lease-time is short (e.g. hours) the device may be off for the 2nd 1/2 of the lease time. If it’s long (days) there’s a better chance the device will be up at some time during that window and therefore re-get the same address.
As for logging, most decent DHCP solutions will log lease history, but I wouldn’t imagine ISP’s keeping this data for long, but it’s not really that much data per event- you get 2 numbers (IP and MAC) and maybe a bit of text info about the requesting client type You’d probably get about 2 million log entries in 1 GB. A few GB per month I’d guess depending on how big the ISP.
Out of that, if you were in time, you’d get the IP address and the MAC (hardware) address it was leased to. Comparing the hardware of the endpoint device (router) would “confirm” (well no not really but lets assume no-ones done anything naughty) the source internet connection of the IP address.
Of course that still doesn’t get you anywhere near the person making that connection, all it does is identify the source location and not even that since both IP and MAC can be spoofed – I’d think you’d pretty much have to trace it in real-time to get anything that woudl amount to “proof”
this is why they hate safe harbor provisions
the truth is that that while an IP is not enough evidence, there is no cost effective AND legal way to obtain the proper evidence, so BPI will continue to pretend otherwise.
BPI wants, nay it NEEDS for an IP to be sufficient evidence because it’s all the evidence they’re going to be able to get without breaking the law or going broke conducting investigations.
this is why safe harbor provisions are such a bark up the ass for groups like this. the people they are going after are hard to find and aren’t likely to have any money. it would be better in their opinion to just sue ISPs, since they’re easier to find and are more likely to have money.
civil suits are supposed to be about justice, but they’re really about getting paid. expensive proceedings against broke people are lousy ways to get paid.
policing the distribution of content is also an expensive process when done legally. this is why the MPAA’s and the BPI’s of the world would prefer to force ISP’s and website operators to do the policing instead.
BPI?
I wonder if they have eve tried to rock the rockies?
Re: BPI?
lol that brings back memories! Do they still play that robotic voice for the tagline?