German Court Holds Internet User Responsible For Passing On Unknown, Encrypted File
from the knowing-the-unknowable dept
A natural response to the increasingly harsh enforcement of laws against unauthorized sharing of copyright files is to move to encrypted connections. It seems like a perfect solution: nobody can eavesdrop, and so nobody can find out what you are sharing. But as TorrentFreak reports, a German court has just dealt a blow to this approach.
The case involves RetroShare, which describes itself thus:
RetroShare is a Open Source cross-platform, Friend-2-Friend and secure decentralised communication platform.
That sounds pretty safe, but TorrentFreak explains why it wasn't in the current case:
It lets you to securely chat and share files with your friends and family, using a web-of-trust to authenticate peers and OpenSSL to encrypt all communication. RetroShare provides filesharing, chat, messages, forums and channels
This week a Hamburg court ruled against a RetroShare user who passed on an encrypted transfer that turned out to be a copyrighted music file. The user in question was not aware of the transfer, and merely passed on the data in a way similar to how TOR works.
That's because the user can't know what's in an encrypted file passing through his or her system, and thus cannot guarantee that it is not the song in question. In truth, this situation is partly the user's own fault:
The court, however, ruled that the user in question, who was identified by the copyright holder, is responsible for passing on the encrypted song.
The judge ordered an injunction against the RetroShare user, who is now forbidden from transferring the song with a maximum penalty of €250,000 or a six month prison term. Since RetroShare traffic is encrypted this means that the user can no longer use the network without being at risk.
RetroShare derives its security from the fact that all transfers go through "trusted friends" who users themselves add. In this case, the defendant added the anti-piracy monitoring company as a friend, which allowed him to be "caught."
But even if the court case in Hamburg is a result of fairly exceptional circumstances, it creates an awful precedent: that German users are responsible for encrypted contents passing through their connection, even though there is no way they can know what they might contain. Unfortunately, this is of a piece with a previous ruling by a German court that people can be fined for what others do with their open wifi connections, regardless of whether they knew what was going on.